CVE-2009-4721

2010-03-18T18:30:00
ID CVE-2009-4721
Type cve
Reporter cve@mitre.org
Modified 2017-09-19T01:30:00

Description

Multiple SQL injection vulnerabilities in Admin/index.asp in Andrews-Web (A-W) BannerAd 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) User and (2) Password parameters. NOTE: some of these details are obtained from third party information.