Vulnerabilities > CVE-2006-4524 - SQL Injection vulnerability in Digiappz Freekot 1.01
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz Freekot 1.01 allow remote attackers to execute arbitrary SQL commands via the (1) login or (2) password parameters. NOTE: some of these details are obtained from third party information.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
description freekot (auth bypass) SQL Injection Vulnerability. CVE-2006-4524. Webapps exploit for asp platform id EDB-ID:10496 last seen 2016-02-01 modified 2009-12-16 published 2009-12-16 reporter R3d-D3V!L source https://www.exploit-db.com/download/10496/ title freekot auth bypass SQL Injection Vulnerability description Digiappz Freekot 1.01 ASP SQL Injection Vulnerability. CVE-2006-4524. Webapps exploit for asp platform id EDB-ID:28443 last seen 2016-02-03 modified 2006-08-30 published 2006-08-30 reporter FarhadKey source https://www.exploit-db.com/download/28443/ title Digiappz Freekot 1.01 ASP SQL Injection Vulnerability
References
- http://secunia.com/advisories/21669
- http://securityreason.com/securityalert/1488
- http://www.kapda.ir/advisory-410.html
- http://www.kapda.ir/attach-1996-xpl_freekot.htm
- http://www.securityfocus.com/archive/1/444752/100/0/threaded
- http://www.securityfocus.com/bid/19768
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28672