CVE-2004-2746
CVE-2004-2746 : The connected Nessus/NASL entry confirms a SQL injection in XTreme ASP Photo Gallery 2.0, specifically in adminlogin.asp via the (1) username and (2) password parameters. This flaw allows remote attackers to inject arbitrary SQL commands, and the NASL text notes that this may be u...