CVE-2006-0490

Description

SQL injection vulnerability in login.asp in ASPThai.Net ASPThai Forums 8.0 and earlier allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the password field.

Affected products

• aspthai.net / aspthai_forums8.0

References

• MISChttp://www.securityfocus.com/bid/16404
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/24359
• MAILING_LISThttp://marc.info/?l=bugtraq&m=113837847503661&w=2
• VENDOR_ADVISORYhttp://secunia.com/advisories/18636
• MISChttp://securitytracker.com/id?1015548
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/0372
• MISChttp://securityreason.com/securityalert/381
• MISChttp://www.osvdb.org/22790