CVE-2008-5892
CVE-2008-5892 involves multiple SQL injection vulnerabilities in ClickAndEmail. The issues allow remote attackers to execute arbitrary SQL commands through (1) the ID parameter to admin_dblayers.asp in an update action, (2) the adminid parameter to admin_loginCheck.asp (the USERNAME field in admi...