CVE-2005-1943 Information

Description

Multiple SQL injection vulnerabilities in Loki download manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) password field to default.asp or (2) cat parameter to catinfo.asp.

Reference

http://marc.info/?l=bugtraq&m=111826992711703&w=2 http://secunia.com/advisories/15633 http://securitytracker.com/id?1014147 http://www.securityfocus.com/bid/13898 http://www.securityfocus.com/bid/13900