PT-2006-6593 · Asp Scripter · Asp Scripter Live Support+1

Ajann

Published

2006-11-16

Updated

2018-10-17

CVE-2006-5927

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions ASP Scripter Easy Portal version 1.4 ASP Scripter Live Support version 1.3

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the Password parameter in the cpLogin.asp file.

Recommendations For ASP Scripter Easy Portal version 1.4, update the cpLogin.asp file to properly sanitize the Password parameter. For ASP Scripter Live Support version 1.3, update the cpLogin.asp file to properly sanitize the Password parameter.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5927

Affected Products

Asp Scripter Easy Portal

Asp Scripter Live Support

PT-2006-6593 · Asp Scripter · Asp Scripter Live Support+1

CVE-2006-5927

Related Identifiers

Affected Products

References · 6