CVE-2009-2366
CVE-2009-2366 describes an SQL injection in DataCheck Solutions ForumPal FE 1.1 and ForumPal 1.5. The vulnerability stems from unsafely handling user-supplied credentials in login.asp, specifically the (1) password parameter for ForumPal FE 1.1 and (2) p_password for ForumPal 1.5, allowing remote...