SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows remote attackers to execute arbitrary SQL commands via the password parameter.Referenceshttp://www.securityfocus.com/bid/13404http://securitytracker.com/id?1013837http://www.osvdb.org/15968
