CVE-2007-4106

The CVE concerns SQL injection in the login.asp of CodeWidgets Pay Roll - Time Sheet and Punch Card Application With Web Interface. The vulnerability allows remote attackers to execute arbitrary SQL commands via the Password parameter, implying an injection flaw in authentication logic. Connected...