4 matches found
CVE-2006-5450
SQL injection vulnerability in index.asp in Kinesis Interactive Cinema System KICS CMS allows remote attackers to execute arbitrary SQL commands via the 1 txtUsername user or 2 txtPassword pass parameters...
CVE-2006-5450
The CVE-2006-5450 entry concerns a SQL injection in the Kinesis Interactive Cinema System (KICS) CMS, exposed via index.asp. The vulnerability allows remote attackers to craft input for the (1) txtUsername and (2) txtPassword parameters to execute arbitrary SQL commands. Affected component/file: ...
KICS-cms.txt
Tunis the 18/10/2006 bug found by fireboy product:KICS CMS vendor:http://www.kinesis.com.au/ there is an sql injection problem in KICS CMS login page and it can be exploited to gain admin privileges. exploit: user: 'or''=' pass: 'or''=' example:http://www.target.com/kicscms/index.asp thx...
KICS CMS sql injection
Tunis the 18/10/2006 bug found by fireboy product:KICS CMS vendor:http://www.kinesis.com.au/ there is an sql injection problem in KICS CMS login page and it can be exploited to gain admin privileges. exploit: user: 'or''=' pass: 'or''=' example:http://www.target.com/kicscms/index.asp thx...