SQL Injection Vulnerability in OneOrZero AIMS 2.7.0 via cookieName Parameter

SQL Injection Vulnerability in OneOrZero AIMS 2.7.0 via cookieName Parameter

CVE-2011-4215 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variable.

Learn more about our Web Application Penetration Testing UK.