SQL Injection Vulnerabilities in Milw0rm Clone Script 1.0: Remote Code Execution via usr and pwd Parameters

SQL Injection Vulnerabilities in Milw0rm Clone Script 1.0: Remote Code Execution via usr and pwd Parameters

CVE-2015-4658 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in admin/login.php in Milw0rm Clone Script 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) usr or (2) pwd parameter.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.