3 matches found
CVE-2007-4109
The CVE-2007-4109 entry describes an SQL injection in sign_in.aspx of WebStore (Online Store Application Template), where an attacker can manipulate the Password parameter to execute arbitrary SQL. The connected NVD entry confirms a remote, unauthenticated SQL injection with network attack vector...
CVE-2007-5704
CVE-2007-5704 concerns the CodeWidgets.com Online Event Registration Template, where the (1) Email Address and (2) Password fields in login.asp and admin_login.asp are vulnerable to SQL injection. The underlying issue permits remote attackers to craft input that may result in arbitrary SQL execut...
CVE-2007-4108
CVE-2007-4108 : Concrete details across multiple connected documents show a SQL injection vulnerability in the WebEvents (Online Event Registration Template) application, specifically in the sign_in.aspx component. The vulnerability allows an attacker to manipulate the Password parameter to execu...