CVE-2005-4081

Name of the Vulnerable Software and Affected Versions Alisveristr E-commerce (affected versions not specified)

Description The issue concerns multiple SQL injection vulnerabilities that allow remote attackers to bypass authentication and possibly execute arbitrary SQL commands. This is achieved via the username and password parameters in two locations: the user login and the administrator login pages.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.