Phase:Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.
ReferencesBUGTRAQ:Tuesday, May 09, 2006 Multiple SQL Injection Vulnerabilities in Dreamweaver Generated Code | URL:http://archives.neohapsis.com/archives/bugtraq/2006-05/0194.html | CONFIRM:http://www.adobe.com/support/security/bulletins/apsb06-07.html | BID:17928
Votes:Assigned (Wednesday, April 26, 2006)
Comments:None (candidate not yet proposed)
F7: