CVE-2007-6517 Information

Description

SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information.

Reference

http://aria-security.net/forum/showthread.php?p=1174 http://secunia.com/advisories/28193 http://www.osvdb.org/39383 http://www.securityfocus.com/archive/1/485393/100/0/threaded http://www.securityfocus.com/bid/26962 http://www.vupen.com/english/advisories/2007/4302 https://exchange.xforce.ibmcloud.com/vulnerabilities/39176