Description
Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the (1) txtLogin and (2) txtPassword parameters.
Affected products
References
- MISChttp://securitytracker.com/id?1015015
- MISChttp://www.securityfocus.com/bid/15022
- MISChttp://www.osvdb.org/19917
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/22538
- MAILING_LISThttp://marc.info/?l=bugtraq&m=112861875408315&w=2
- VENDOR_ADVISORYhttp://secunia.com/advisories/17091/
- MISChttp://securityreason.com/securityalert/52