CVE-2008-5974
CVE-2008-5974 affects Active Price Comparison 4.0, where the login.aspx page is vulnerable to SQL injection via the (1) username and (2) password fields. The root cause is improper handling of user input in the login form, allowing remote attackers to execute arbitrary SQL commands. The available...