CVE-2006-6543 Information

Description

Multiple SQL injection vulnerabilities in login.asp in AppIntellect SpotLight CRM 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) login (UserName) and possibly (2) password parameter. NOTE: some of these details are obtained from third party information.

Reference

http://www.vupen.com/english/advisories/2006/4932 https://exchange.xforce.ibmcloud.com/vulnerabilities/30835 https://www.exploit-db.com/exploits/2907