CVE-2008-5892

Multiple SQL injection vulnerabilities in ClickAndEmail allow remote attackers to execute arbitrary SQL commands via 1 the ID parameter to admindblayers.asp in an update action, 2 the adminid parameter to adminloginCheck.asp aka the USERNAME field in adminmain.asp, and 3 the PassWord parameter to...

Cross site scripting

Cross-site scripting XSS vulnerability in admindblayers.asp in ClickAndEmail allows remote attackers to inject arbitrary web script or HTML via the tablename parameter in an update action...

Sql injection

Multiple SQL injection vulnerabilities in ClickAndEmail allow remote attackers to execute arbitrary SQL commands via 1 the ID parameter to admindblayers.asp in an update action, 2 the adminid parameter to adminloginCheck.asp aka the USERNAME field in adminmain.asp, and 3 the PassWord parameter to...

CVE-2008-5892

CVE-2008-5892 involves multiple SQL injection vulnerabilities in ClickAndEmail. The issues allow remote attackers to execute arbitrary SQL commands through (1) the ID parameter to admin_dblayers.asp in an update action, (2) the adminid parameter to admin_loginCheck.asp (the USERNAME field in admi...

CVE-2008-5893

CVE-2008-5893 is a cross-site scripting (XSS) vulnerability in ClickAndEmail, specifically in admin_dblayers.asp. The issue arises in the update action through the tablename parameter, allowing remote attackers to inject arbitrary web script or HTML. Documented impact indicates client-side execut...

clickandemail - SQL Injection Cross-Site Scripting

clickandemail - SQL Injection Cross-Site Scripting -------------------------------AlpHaNiX---------------------------------- Found By : AlpHaNiX website : www.offensivetrack.org contact : AlpHaATHACKERDOTBZ script : ClickAndEmaiL download : null Demo : http://icash.ch/ClickAndEmailDEMO Exploits :...