RSS   Vulnerabilities for 'Active membership'   RSS

2008-12-17
 
CVE-2008-5635

CWE-89
 

 
SQL injection vulnerability in account.asp in Active Membership 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information.

 

 >>> Vendor: Activewebsoftwares 18 Products
Activevotes
Active trade
Active ewebquiz
Active time billing
Active force matrix
Active membership
Active price comparison
Active bids
Active photo gallery
Active test
Active business directory
Active web mail
Active newsletter
Active web helpdesk
Quick tree view .net
Aspreferral
Ewebquiz
Active auction house


Copyright 2017, cxsecurity.com