Multiple SQL injection vulnerabilities in login.php in Kim Websites 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
References
Configurations
History
No history.
Information
Published : 2009-03-20 00:30
Updated : 2024-02-28 11:21
NVD link : CVE-2009-1026
Mitre link : CVE-2009-1026
CVE.ORG link : CVE-2009-1026
JSON object : View
Products Affected
kimwebsites
- kim_websites
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')