RSS   Vulnerabilities for 'Site membership script'   RSS

2006-03-12
 
CVE-2006-1156

 

 
SQL injection vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to execute arbitrary SQL commands via the Username parameter in login.asp.

 
 
CVE-2006-1155

 

 
Cross-site scripting (XSS) vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to inject arbitrary web script or HTML via the Error parameter in (1) login.asp and (2) default.asp.

 


Copyright 2024, cxsecurity.com

 

Back to Top