Vulnonym.com

CVE-2006-5450 - Trickier Teeth

Description

SQL injection vulnerability in index.asp in Kinesis Interactive Cinema System (KICS) CMS allows remote attackers to execute arbitrary SQL commands via the (1) txtUsername (user) or (2) txtPassword (pass) parameters.

Reference

http://www.securityfocus.com/bid/20607 http://secunia.com/advisories/22493 http://www.osvdb.org/29901 http://securityreason.com/securityalert/1757 http://www.vupen.com/english/advisories/2006/4130 https://exchange.xforce.ibmcloud.com/vulnerabilities/29683 http://www.securityfocus.com/archive/1/449227/100/0/threaded