CVE-2010-3188

Name of the Vulnerable Software and Affected Versions BugTracker.NET versions 3.4.3 and earlier

Description A SQL injection issue in the search.aspx page of BugTracker.NET allows remote attackers to execute arbitrary SQL commands by providing a custom field to the search page. This could potentially lead to unauthorized access or manipulation of database content.

Recommendations For versions 3.4.3 and earlier, update to a version later than 3.4.3 to resolve the issue. As a temporary workaround, consider restricting access to the search page or custom fields to minimize the risk of exploitation.