CVE-2006-5450

SQL injection vulnerability in index.asp in Kinesis Interactive Cinema System (KICS) CMS allows remote attackers to execute arbitrary SQL commands via the (1) txtUsername (user) or (2) txtPassword (pass) parameters.

Date published : 2006-10-23

http://www.securityfocus.com/bid/20607

http://www.securityfocus.com/archive/1/449227/100/0/threaded