Full title: Human Resources Management System - Multiple SQL injection Vulnerability 
Category: web applications
Platform: windows
A Blind SQL injection vulnerability in the login page (/hrm/controller/login.php) in Human Resources Management System allows remote unauthenticated attackers to execute remote command through arbitrary SQL commands by "name" parameter.

# 0day.today @ http://0day.today/