VU Mass Mailer redir.asp password Variable SQL Injection

2007-11-21T00:00:00
ID OSVDB:38807
Type osvdb
Reporter OSVDB
Modified 2007-11-21T00:00:00

Description

Manual Testing Notes

Login Page (Default.asp) Password: anything' OR 'x'='x

References:

Secunia Advisory ID:27758 Other Advisory URL: http://aria-security.net/forum/showthread.php?t=447 FrSIRT Advisory: ADV-2007-3966 CVE-2007-6138 Bugtraq ID: 26522