SQL Injection Vulnerabilities in Alisveristr E-commerce: Bypass Authentication and Arbitrary SQL Execution
CVE-2005-4081 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Multiple SQL injection vulnerabilities in Alisveristr E-commerce allow remote attackers to bypass authentication and possibly execute arbitrary SQL commands via the username and password parameters in (1) the user login and (2) administrator login pages.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.