2 matches found
CVE-2005-3596
CVE-2005-3596 documents an SQL injection in ASPKnowledgebase, allowing remote attackers to bypass authentication and execute arbitrary SQL via the (1) username and (2) password fields in adminlogin.asp. The underlying issue is improper input handling in the login form, enabling manipulation of SQ...
CVE-2005-4658
CVE-2005-4658 describes multiple cross-site scripting (XSS) vulnerabilities in ASP-Programmers.com ASPKnowledgebase. Affected component: the administrative interface of ASPKnowledgebase. Root cause: unspecified XSS flaws that allow remote attackers to inject arbitrary scripts or HTML via unknown ...