CVE-2004-2746 Information

Description

SQL injection vulnerability in adminlogin.asp in XTREME ASP Photo Gallery 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

Reference

http://secunia.com/advisories/10659 http://securityreason.com/securityalert/3346 http://securitytracker.com/id?1008745 http://www.osvdb.org/3585 http://www.pensacolawebdesigns.com/xtremeasp/readmore.asp http://www.securityfocus.com/archive/1/350028/30/21640/threaded http://www.securityfocus.com/bid/9438 http://www.tripbit.org/advisories/TA-150104.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/14860