SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information.
References
Configurations
Information
Published : 2008-12-17 09:30
Updated : 2017-09-28 18:32
NVD link : CVE-2008-5633
Mitre link : CVE-2008-5633
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
activewebsoftwares
- activevotes