Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Full Revolution aspWebCalendar和aspWebAlbum多个SQL注入漏洞
Vulnerability Description
aspWebAlbum存在SQL注入漏洞。远程攻击者可以借助(1)登录页面的用户名字段或(2)album.asp的cat参数执行任意SQL语句。
CVSS Information
N/A
Vulnerability Type
N/A