Multiple SQL Injection Vulnerabilities in A Really Simple Chat (ARSC) 3.3-rc2
CVE-2011-2181 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Multiple SQL injection vulnerabilities in A Really Simple Chat (ARSC) 3.3-rc2 allow remote attackers to execute arbitrary SQL commands via the (1) arsc_user parameter to base/admin/edit_user.php, (2) arsc_layout_id parameter in base/admin/edit_layout.php, or (3) arsc_room parameter to base/admin/edit_room.php.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.