CVE-2006-0221 Information

Description

SQL injection vulnerability in index.asp in the Admin Panel in Dragon Design Services Network (DDSN) cm3 content manager (CM3CMS) allows remote attackers to execute arbitrary SQL commands via the (1) username or (2) password.

Reference

http://www.osvdb.org/22696 http://www.securityfocus.com/archive/1/421941/100/0/threaded http://www.securityfocus.com/bid/16231 https://exchange.xforce.ibmcloud.com/vulnerabilities/24266