Enterprise Heart: >> Enterprise Connector Security Vulnerabilities
SQL injection vulnerability in main.php in Enterprise Heart Enterprise Connector 1.0.2 allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the loginid parameter, a different vulnerability than CVE-2005-3875.
CVSS Score
7.5
EPSS Score
0.03
Published
2005-12-29
Multiple SQL injection vulnerabilities in Enterprise Connector 1.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the messageid parameter in (1) send.php or (2) a delete action in messages.php.
CVSS Score
7.5
EPSS Score
0.007
Published
2005-11-29