Vulnerabilities > ASP DEV > Internal E Mail System
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-01-21 | CVE-2008-5926 | SQL Injection vulnerability in Asp-Dev Internal E-Mail System Multiple SQL injection vulnerabilities in login.asp in ASP-DEv Internal E-Mail System allow remote attackers to execute arbitrary SQL commands via the (1) login parameter (aka user field) or the (2) password parameter (aka pass field). | 7.5 |