VYPR
Unrated severityNVD Advisory· Published Jun 1, 2006· Updated Jun 16, 2026

CVE-2006-2718

CVE-2006-2718

Description

JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name of a data source, to a Crystal Reports .rpt file, which allows remote authenticated users to execute certain standard stored procedures by referencing them in a user-written .rpt file, as demonstrated by using a stored procedure that provides the username and cleartext password of every account.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Jiwa/Financials2 versions
    cpe:2.3:a:jiwa:financials:6.4.14:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:jiwa:financials:6.4.14:*:*:*:*:*:*:*
    • (no CPE)range: = 6.4.14

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.