SQL Injection Vulnerabilities in Alisveristr E-commerce: Bypass Authentication and Arbitrary SQL Execution

CVE-2005-4081 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in Alisveristr E-commerce allow remote attackers to bypass authentication and possibly execute arbitrary SQL commands via the username and password parameters in (1) the user login and (2) administrator login pages.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.