CVE-2004-2562 - Timocratic Locomotives

Description

SQL injection vulnerability in jobedit.asp in Leigh Business Enterprises (LBE) Web Helpdesk before 4.0.0.81 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Reference

http://www.securiteam.com/windowsntfocus/5QP0M0ADGI.html http://www.lbehelpdesk.com/patch/web/history.txt http://www.securityfocus.com/bid/10773 http://www.osvdb.org/8181 http://secunia.com/advisories/12123 https://exchange.xforce.ibmcloud.com/vulnerabilities/16779