Unrated severityNVD Advisory· Published Jul 3, 2006· Updated Jun 16, 2026
CVE-2006-3348
CVE-2006-3348
Description
Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 Beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) type parameter in report.php and (2) level parameter in custom_buttons.php.
Affected products
2cpe:2.3:a:swsoft:hspcomplete:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:swsoft:hspcomplete:*:*:*:*:*:*:*:*range: <=3.3_beta
- cpe:2.3:a:swsoft:hspcomplete:3.2.2:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.