MidnightBSD

Advisories for envivosoft

CVE-2005-1413 HIGH

Multiple SQL injection vulnerabilities in enVivo!CMS allow remote attackers to execute arbitrary SQL commands and gain privileges via the (1) username or (2) password parameters to admin_login.asp, or the (3) searchstring and possibly (4) ID parameters to default.asp.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
envivosoft envivo_cms 3.54