SQL injection vulnerability in default.asp in CIS Manager CMS allows remote attackers to execute arbitrary SQL commands via the TroncoID parameter.Referenceshttp://www.exploit-db.com/exploits/32660http://www.securityfocus.com/bid/66590http://www.osvdb.org/105364
