CVE-2009-4721
CVE-2009-4721 affects Andrews-Web (A-W) BannerAd 1.0, with multiple SQL injection vulnerabilities in Admin/index.asp that allow remote attackers to execute arbitrary SQL commands via the (1) User and (2) Password parameters. The root cause is unsafely constructed SQL queries in that page, enablin...