Landray EIS SQL Injection Vulnerability

A SQL injection vulnerability has been identified in Landray EIS versions 2001 through 2006. The issue arises in the 'Message/fi_message_receiver.aspx' page, where the 'replyid' parameter is vulnerable to injection attacks.

Impact

Exploitation of this vulnerability allows for SQL injection, which could lead to unauthorized data access or manipulation in the application's database.