CVE-2006-4861

2006-09-19T18:07:00
ID CVE-2006-4861
Type cve
Reporter cve@mitre.org
Modified 2018-10-17T21:39:00

Description

SQL injection vulnerability in loginprocess.asp in Mohammed Mehdi Panjwani Complain Center 1 allows remote attackers to execute arbitrary SQL commands via the (1) TxtUser (aka Username) and (2) TxtPass (aka Password) parameters in login.asp.