CVE-2006-2499

2006-05-19T23:02:00
ID CVE-2006-2499
Type cve
Reporter NVD
Modified 2018-10-18T12:40:25

Description

SQL injection vulnerability in default.asp in CodeAvalanche News (CANews) 1.2 allows remote attackers to execute arbitrary SQL commands via the password field.