Vulnerabilities > CVE-2006-5952 - SQL-Injection vulnerability in ASP Smiley ASP Smiley 1.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
asp-smiley
exploit available
NVD
Published: 2006-11-17
Updated: 2017-10-19

Summary

SQL injection vulnerability in admin/default.asp in ASP Smiley 1.0 allows remote attackers to execute arbitrary SQL commands via the Username field.

Vulnerable Configurations

Part Description Count
Application
Asp_Smiley
1

Exploit-Db

descriptionASP Smiley 1.0 (default.asp) Login ByPass SQL Injection Vulnerability. CVE-2006-5952. Webapps exploit for asp platform
fileexploits/asp/webapps/2779.txt
idEDB-ID:2779
last seen2016-01-31
modified2006-11-14
platformasp
port
published2006-11-14
reporterajann
sourcehttps://www.exploit-db.com/download/2779/
titleASP Smiley 1.0 default.asp Login ByPass SQL Injection Vulnerability
typewebapps

References