Active News Manager LOGIN.ASP SQL Injection Vulnerability

ID EDB-ID:25703
Type exploitdb
Reporter Romty
Modified 2005-05-25T00:00:00


Active News Manager LOGIN.ASP SQL Injection Vulnerability. Local exploit for solaris platform


Active News Manager is prone to an SQL injection vulnerability. This issue affects the 'login.asp' script.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. An attacker can gain unauthorized access to an affected site.

All versions are considered to be vulnerable at the moment. 

Uername =admin
Password= ' or ''='