CVE-2008-6364

2009-03-02T16:30:00
ID CVE-2008-6364
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:33:00

Description

SQL injection vulnerability in logon_process.jsp in Ad Server Solutions Banner Exchange Solution Java allows remote attackers to execute arbitrary SQL commands via the (1) username (uname parameter) and (2) password (pass parameter). NOTE: some of these details are obtained from third party information.