Livingcolor Livingmailing 1.3 - 'login.asp' SQL Injection
| EKU-ID: 31119 | CVE: | OSVDB-ID: |
| Author: Dj romty | Published: 2005-06-01 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 31119 | CVE: | OSVDB-ID: |
| Author: Dj romty | Published: 2005-06-01 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/13836/info livingmailing is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp' script. livingmailing 1.3 is reported vulnerable. The following proof of concept is available: Username =admin Password= ' or ''='