CVE-2007-6433

The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.
Configurations

Configuration 1

cpe:2.3:a:jboss:seam:*:cr2:*:*:*:*:*:*

Information

Published : 2007-12-18 08:46

Updated : 2011-03-08 03:02


NVD link : CVE-2007-6433

Mitre link : CVE-2007-6433

Products Affected
No products.
CWE