ESCMS vulnerability website system 0day-vulnerability warning-the black bar safety net

Version:ESCMS V1. 0 SP1 Build 1 1 2 5 Background login authentication is through the admin/check. asp achieved,look at the code % if Request. cookiesCookiesKey"ESadmin"="" then 'Note that here Oh,he is by COOKIE validation ESadmin is empty,we can forge a value,called he is not empty 'CookiesKey i...

CVE-2006-5591

CVE-2006-5591 affects PacPoll 4.0 (and earlier). The vulnerability is SQL injection in Admin/check.asp, exploitable via the uid and pwd parameters, allowing remote attackers to execute arbitrary SQL commands. The affected component is the Admin/check.asp script in PacPoll 4.0 and earlier; root ca...

CVE-2006-5591

Multiple SQL injection vulnerabilities in Admin/check.asp in PacPoll 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 uid and 2 pwd parameters...

CVE-2006-0624

The vulnerability CVE-2006-0624 affects Whomp Real Estate Manager XP 2005, where an SQL injection affects check.asp via the (1) username and (2) password parameters. The root cause is improper handling of user-supplied input in the authentication query, enabling remote attackers to craft arbitrar...