CVE-2005-4630 | Vulnerability Database | Aqua Security

SQL injection vulnerability in index.php in ClientExec 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) billshowid, (2) billdetailid, (3) fuse, and (4) frmClientID parameters.

Affected Software

Name	Vendor	Start Version	End Version
Clientexec	Clientexec	2.3 (including)	2.3 (including)

References

http://pridels0.blogspot.com/2005/11/clientexec-2x-multiple-sql-inj.html
http://secunia.com/advisories/17756
http://www.ce-talk.com/showthread.php?t=653
http://www.clientexec.com/forum/showthread.php?t=8006
http://www.osvdb.org/21163
http://www.vupen.com/english/advisories/2005/2628
https://exchange.xforce.ibmcloud.com/vulnerabilities/23271
http://pridels0.blogspot.com/2005/11/clientexec-2x-multiple-sql-inj.html
http://secunia.com/advisories/17756
http://www.ce-talk.com/showthread.php?t=653
http://www.clientexec.com/forum/showthread.php?t=8006
http://www.osvdb.org/21163
http://www.vupen.com/english/advisories/2005/2628
https://exchange.xforce.ibmcloud.com/vulnerabilities/23271

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-4630
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html