NEXTWEB (i)Site Login.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13834/info NEXTWEB iSite is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation coul...

ZH2005-13SA.txt

ZH2005-13SA security advisory: NEXTWEB iSite™ multiple vulnerabilities Published: 1 June 2005 - GOOD MONTH EVERYBODY ;- Released: 1 June 2005 Name: iSite™ Affected Versions: ALL Issue: SQL injections, exception handling, unsafe directories Author: Trash-80 - [email protected] Vendor:...

CVE-2005-1834

The CVE-2005-1834 entry describes a SQL injection vulnerability in NEXTWEB (i)Site, specifically in login.asp. The underlying issue is unsanitized input in the password field, enabling remote attackers to execute arbitrary SQL commands and bypass authentication. The available connected documents ...

CVE-2005-1834

SQL injection vulnerability in login.asp in NEXTWEB iSite allows remote attackers to execute arbitrary SQL commands and bypass authentication via the password field...

CVE-2005-1834

SQL injection vulnerability in login.asp in NEXTWEB iSite allows remote attackers to execute arbitrary SQL commands and bypass authentication via the password field...

PT-2005-2802 · Nextweb · Nextweb Isite

Name of the Vulnerable Software and Affected Versions: NEXTWEB iSite affected versions not specified Description: The issue allows remote attackers to obtain sensitive information via a direct request to databases/Users.mdb due to insufficient access control. This is because databases are stored...