CVE-2008-6487

Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields.
Configurations

Configuration 1 (hide)

cpe:2.3:a:digiappz:digiaffiliate:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2009-03-18 15:30

Updated : 2024-02-28 11:21


NVD link : CVE-2008-6487

Mitre link : CVE-2008-6487

CVE.ORG link : CVE-2008-6487


JSON object : View

Products Affected

digiappz

  • digiaffiliate
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')