cpe:/a:elinestudio:site_composer:2.6 CVE-2008-2862 2008-06-25T08:36:00.000-04:00 2017-09-28T21:31:22.317-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-06-25T14:44:00.000-04:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20080619 eLineStudio Site Composer (ESC) <=2.6 Multiple Vulnerabilities BID 29812 SECUNIA 30762 SREASON 3957 OSVDB 46461 EXPLOIT-DB 5859 XF esc-ansfaq-preview-sql-injection(43190) MISC http://www.bugreport.ir/?/45 Multiple SQL injection vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to ansFAQ.asp and the (2) template_id parameter to preview.asp.