CVE-2004-2746 | HackTesting

SQL injection vulnerability in adminlogin.asp in XTREME ASP Photo Gallery 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

References

http://www.securityfocus.com/archive/1/350028/30/21640/threaded

http://www.securityfocus.com/bid/9438

http://securitytracker.com/id?1008745

https://exchange.xforce.ibmcloud.com/vulnerabilities/14860

http://www.pensacolawebdesigns.com/xtremeasp/readmore.asp

http://www.osvdb.org/3585

http://securityreason.com/securityalert/3346

http://www.tripbit.org/advisories/TA-150104.txt

http://secunia.com/advisories/10659