Multiple SQL injection vulnerabilities in myNewsletter 1.1.2 and previous versions allow remote malicious users to execute arbitrary SQL commands via the UserName parameter in (1) validatelogin.asp or (2) adminlogin.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
aspburst mynewsletter 1.1.2 |