Maxsi: >> Evisit Analyst Security Vulnerabilities
Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) idsp1.pl, (2) ip.pl, and (3) einsite_director.pl. NOTE: this issue can be leveraged for path disclosure from resulting error messages.
CVSS Score
7.5
EPSS Score
0.014
Published
2007-07-11