Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields.
References
Configurations
History
No history.
Information
Published : 2009-03-18 15:30
Updated : 2024-02-28 11:21
NVD link : CVE-2008-6487
Mitre link : CVE-2008-6487
CVE.ORG link : CVE-2008-6487
JSON object : View
Products Affected
digiappz
- digiaffiliate
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')