CVE-2008-6487 Information

Description

Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields.

Reference

http://www.securityfocus.com/bid/32217 http://www.vupen.com/english/advisories/2008/3068 https://exchange.xforce.ibmcloud.com/vulnerabilities/46500 https://www.exploit-db.com/exploits/7067