LDF Sql injection vulnerability

2009-01-28T00:00:00
ID SECURITYVULNS:DOC:21236
Type securityvulns
Reporter Securityvulns
Modified 2009-01-28T00:00:00

Description

Product : LDF vendor : www.ldf.22.cn

LDF Sql injection vulnerability (in login.asp page) =>

example : http://example/[ldf path]/login.asp?user=[SQL COMMAND]