CVE-2005-1149

Name of the Vulnerable Software and Affected Versions ACNews version 1.0

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is possible via the username or password parameters in the admin/login.asp file.

Recommendations For ACNews version 1.0, consider temporarily restricting access to the admin/login.asp file until a patch is available. As a mitigation measure, avoid using the username and password parameters in the affected file to minimize the risk of exploitation.