Vulnerabilities > Dmxready > Dmxready Secure Login Manager

DATE CVE VULNERABILITY TITLE RISK
2006-12-29 CVE-2006-6816 SQL Injection vulnerability in Dmxready Secure Login Manager 1.0
Multiple SQL injection vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) set_preferences.asp, (2) send_password_preferences.asp, and (3) SecureLoginManager/list.asp in the Local-Admin Panel; (4) the sent parameter to (a) login.asp, (b) content.asp, and (c) members.asp in the Remote-WebSite; and (5) the sent parameter to applications/SecureLoginManager/inc_secureloginmanager.asp in the Live Demo.
network
low complexity
dmxready
7.5
2006-12-29 CVE-2006-6815 Cross-Site Scripting vulnerability in Dmxready Secure Login Manager 1.0
Multiple cross-site scripting (XSS) vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified parameters to (1) set_preferences.asp, (2) send_password_preferences.asp, and (3) SecureLoginManager/list.asp in the Local-Admin Panel.
network
dmxready
6.0