CVE-2008-5573

Description

SQL injection vulnerability in the login feature in Poll Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) Password and (2) username parameters.

Affected products

• adcomplete / poll_pro2.0 – 2.0

References

• MISChttp://osvdb.org/50576
• MISChttp://securityreason.com/securityalert/4741
• EXPLOIThttps://www.exploit-db.com/exploits/7391
• MISChttp://www.securityfocus.com/bid/32707
• VENDOR_ADVISORYhttp://secunia.com/advisories/33044
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/47169