PT-2002-1889 · Logisense · Hawk-I Billing+3

Published: 2002-08-31 · Updated: 2008-09-05 · CVE-2002-0878

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: LogiSense software, including:
Hawk-i Billing (affected versions not specified)
Hawk-i ASP (affected versions not specified)
DNS Manager (affected versions not specified)
Description: The issue allows remote attackers to bypass authentication via SQL code in the password field in the login form.
Recommendations: Update Hawk-i Billing, Hawk-i ASP and DNS Manager to a version that fixes the SQL injection issue in the login form. As a temporary workaround, consider restricting access to the login form to minimize the risk of exploitation. Avoid using SQL code in the password field in the affected login form until the issue is resolved.

Related identifiers

CVE-2002-0878

Affected products

Dns Manager
Hawk-I Asp
Hawk-I Billing
Logisense