Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote attackers to execute arbitrary SQL commands via the (1) txtUsername parameter (aka Username) and (2) txtPassword parameter (aka Password) in a form generated by home.asp. NOTE: due to lack of details, it is not clear whether this is related to CVE-2004-2206.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-08-24T10:00:00
Updated: 2017-09-28T12:57:01
Reserved: 2009-08-23T00:00:00
Link: CVE-2008-7049
JSON object: View
NVD Information
Status : Modified
Published: 2009-08-24T10:30:02.157
Modified: 2017-09-29T01:33:29.683
Link: CVE-2008-7049
JSON object: View
Redhat Information
No data.
CWE