CVE-2007-6091

Name of the Vulnerable Software and Affected Versions JiRo's Banner System versions 2.0

Description The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved by exploiting the Username or Password field in the files/login.asp file.

Recommendations For JiRo's Banner System version 2.0, update the files/login.asp file to properly sanitize the Username and Password fields to prevent SQL injection attacks. As a temporary workaround, consider restricting access to the login functionality until a patch is available.