CVE-2008-5589

SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the (1) txtusername parameter (aka username field) or the (2) txtpassword parameter (aka password field). NOTE: some of these details are obtained from third party information.
Configurations

Configuration 1 (hide)

cpe:2.3:a:katywhitton:rankem:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2008-12-16 19:07

Updated : 2024-02-28 11:21


NVD link : CVE-2008-5589

Mitre link : CVE-2008-5589

CVE.ORG link : CVE-2008-5589


JSON object : View

Products Affected

katywhitton

  • rankem
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')