CVE-2005-4081

Description

Multiple SQL injection vulnerabilities in Alisveristr E-commerce allow remote attackers to bypass authentication and possibly execute arbitrary SQL commands via the username and password parameters in (1) the user login and (2) administrator login pages.

Affected products

• alisveristr / alisveristr_e-commerce

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/23507
• MISChttp://www.securityfocus.com/bid/15699/
• MISChttp://www.osvdb.org/21622
• MISChttp://securityreason.com/securityalert/228
• MISChttp://www.securityfocus.com/archive/1/418510/100/0/threaded