SQL injection vulnerability in the logon screen of the web front end (NmConsole/Login.asp) for IpSwitch WhatsUp Professional 2005 SP1 allows remote malicious users to execute arbitrary SQL commands via the (1) User Name field (sUserName parameter) or (2) Password (sPassword parameter).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ipswitch whatsup professional_2005_sp1 |