CVE-2010-2338 Information

Description

Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor Analyst allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. NOTE: some of these details are obtained from third party information.

Reference

http://osvdb.org/65483 http://packetstormsecurity.org/1006-exploits/vuwebvisitoranalyst-sql.txt http://secunia.com/advisories/40176 http://www.exploit-db.com/exploits/13842 http://www.vupen.com/english/advisories/2010/1460 https://exchange.xforce.ibmcloud.com/vulnerabilities/59396