CVE-2006-6816 Information

Feb 14, 2021 cve

Description

Multiple SQL injection vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) set_preferences.asp (2) send_password_preferences.asp and (3) SecureLoginManager/list.asp in the Local-Admin Panel; (4) the sent parameter to (a) login.asp (b) content.asp and (c) members.asp in the Remote-WebSite; and (5) the sent parameter to applications/SecureLoginManager/inc_secureloginmanager.asp in the Live Demo.

Reference

http://www.osvdb.org/33333 http://www.osvdb.org/33334 http://www.osvdb.org/33335 http://www.osvdb.org/33336 http://www.osvdb.org/33337 http://www.osvdb.org/33338 http://www.securityfocus.com/archive/1/455353/100/0/threaded http://www.securityfocus.com/bid/21788 https://exchange.xforce.ibmcloud.com/vulnerabilities/31158

Share on: