SQL Injection Vulnerabilities in freelancerKit 2.35: Remote Code Execution via Notes and Tickets Components

SQL Injection Vulnerabilities in freelancerKit 2.35: Remote Code Execution via Notes and Tickets Components

CVE-2012-1218 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in freelancerKit 2.35 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to the (1) notes and (2) tickets components.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.