CVE-2006-5450 | Vulnerability Database | Aqua Security

SQL injection vulnerability in index.asp in Kinesis Interactive Cinema System (KICS) CMS allows remote attackers to execute arbitrary SQL commands via the (1) txtUsername (user) or (2) txtPassword (pass) parameters.

Affected Software

Name	Vendor	Start Version	End Version
Kinesis_interactive_cinema_system	Kinesis	*	*

References

http://secunia.com/advisories/22493
http://securityreason.com/securityalert/1757
http://www.osvdb.org/29901
http://www.securityfocus.com/archive/1/449227/100/0/threaded
http://www.securityfocus.com/bid/20607
http://www.vupen.com/english/advisories/2006/4130
https://exchange.xforce.ibmcloud.com/vulnerabilities/29683
http://secunia.com/advisories/22493
http://securityreason.com/securityalert/1757
http://www.osvdb.org/29901
http://www.securityfocus.com/archive/1/449227/100/0/threaded
http://www.securityfocus.com/bid/20607
http://www.vupen.com/english/advisories/2006/4130
https://exchange.xforce.ibmcloud.com/vulnerabilities/29683

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-5450
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html