SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-6021. NOTE: some of these details are obtained from third party information.
References
Configurations
Information
Published : 2008-01-08 03:46
Updated : 2018-10-15 14:56
NVD link : CVE-2007-6671
Mitre link : CVE-2007-6671
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
instantsoftwares
- dating_site