CVE-2009-0447
CVE-2009-0447 describes multiple SQL injection vulnerabilities in default.asp of MyDesign Sayac 2.0. The issue allows remote attackers to execute arbitrary SQL commands via either the user parameter (UserName) or the pass parameter (Pass) to (a) admin/admin.asp or (b) the default URI under admin/...