CVE-2006-2499

2006-05-19T23:02:00
ID CVE-2006-2499
Type cve
Reporter NVD
Modified 2017-07-19T21:31:31

Description

SQL injection vulnerability in default.asp in CodeAvalanche News (CANews) 1.2 allows remote attackers to execute arbitrary SQL commands via the password field.