Active News Manager LOGIN.ASP SQL Injection Vulnerability

2005-05-25T00:00:00
ID EDB-ID:25703
Type exploitdb
Reporter Romty
Modified 2005-05-25T00:00:00

Description

Active News Manager LOGIN.ASP SQL Injection Vulnerability. Local exploit for solaris platform

                                        
                                            source: http://www.securityfocus.com/bid/13759/info

Active News Manager is prone to an SQL injection vulnerability. This issue affects the 'login.asp' script.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. An attacker can gain unauthorized access to an affected site.

All versions are considered to be vulnerable at the moment. 

Uername =admin
Password= ' or ''='