CVE-2007-5704 Information

Description

Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow remote attackers to execute arbitrary SQL commands via the (1) Email Address and (2) Password fields in (a) login.asp and (b) admin_login.asp.

Reference

http://secunia.com/advisories/27375 http://securityreason.com/securityalert/3313 http://www.osvdb.org/38167 http://www.osvdb.org/38168 http://www.securityfocus.com/archive/1/482730/100/0/threaded http://www.securityfocus.com/bid/26192 https://exchange.xforce.ibmcloud.com/vulnerabilities/37424