Vulnerabilities > CVE-2005-1943 - SQL Injection vulnerability in Loki Download Manager Default.ASP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in Loki download manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) password field to default.asp or (2) cat parameter to catinfo.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Loki Download Manager 2.0 Catinfo.ASP SQL Injection Vulnerability. CVE-2005-1943. Webapps exploit for asp platform id EDB-ID:25805 last seen 2016-02-03 modified 2005-06-08 published 2005-06-08 reporter hack_912 source https://www.exploit-db.com/download/25805/ title Loki Download Manager 2.0 Catinfo.ASP SQL Injection Vulnerability description Loki Download Manager 2.0 Default.ASP SQL Injection Vulnerability. CVE-2005-1943. Webapps exploit for asp platform id EDB-ID:25804 last seen 2016-02-03 modified 2005-06-08 published 2005-06-08 reporter hack_912 source https://www.exploit-db.com/download/25804/ title Loki Download Manager 2.0 Default.ASP SQL Injection Vulnerability