SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via the perm parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ultra_plus | Cj | 1.0.3 (including) | 1.0.3 (including) |
| Ultra_plus | Cj | 1.0.4 (including) | 1.0.4 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=111539589013911\u0026w=2
- http://secunia.com/advisories/15281
- http://marc.info/?l=bugtraq\u0026m=111539589013911\u0026w=2
- http://secunia.com/advisories/15281