CVE-2008-6220 Information

Description

SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the pass parameter.

Reference

http://secunia.com/advisories/32502 http://www.securityfocus.com/bid/32114 https://exchange.xforce.ibmcloud.com/vulnerabilities/46342 https://www.exploit-db.com/exploits/6987