Description
Multiple SQL injection vulnerabilities in the Call Logging feature in FrontRange HEAT 8.01 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Exploits (1)
References (2)
Core 2
Core References
Exploit x_refsource_misc
http://packetstormsecurity.org/0909-exploits/heat-sql.txt
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/36900
Scores
EPSS
0.0030
EPSS Percentile
52.9%
Details
CWE
CWE-89
Status
published
Products (1)
frontrange/heat
8.01
Published
Oct 09, 2009
Tracked Since
Feb 18, 2026