source: http://www.securityfocus.com/bid/13759/info Active News Manager is prone to an SQL injection vulnerability. This issue affects the 'login.asp' script. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. An attacker can gain unauthorized access to an affected site. All versions are considered to be vulnerable at the moment. Uername =admin Password= ' or ''='
Related ExploitsOther Possible E-DB Search Terms: Active News Manager
|2006-11-18||29089||Active News Manager - activeNews_categories.asp catID Parameter SQL Injection||laurent gaffie|
|2006-11-18||29090||Active News Manager - activeNews_comments.asp articleId Parameter SQL Injection||laurent gaffie|