<<< Date Index >>>     <<< Thread Index >>>

Thomson Web Skill Vantage Manager



Hi

Is anyone here using Thomson Web Skill Vantage Manager for online training? If 
yes I suggest to take the system offline and to improve input validation.The 
system allows an SQL injection at the login - this gives a visitor easy access 
with complete Administrator privileges over the system. A malicious user could 
damage the installation.

Don't know if this has been posted already, hope this info is of use.