Back to search
CVE-2005-3793
Published: Nov 24, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in AlstraSoft Affiliate Network Pro 7.2 allow remote attackers to bypass authentication and execute arbitrary SQL commands via the (1) username or (2) password to admin/admin_validate_login, or the (3) login, (4) password, and (5) flag parameters to login_validate.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://myblog.it-security23.net/?postid=5
x_refsource_MISC
20893
vdb-entry
x_refsource_OSVDB
affiliate-network-login-sql-injection(23073)
vdb-entry
x_refsource_XF
ADV-2005-2455
vdb-entry
x_refsource_VUPEN
20051115 Affiliate Network Pro v7.2 SQL Injections, Arbitrary code execution, XSS
mailing-list
x_refsource_BUGTRAQ
20889
vdb-entry
x_refsource_OSVDB
17605
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now