Multiple SQL injection vulnerabilities in login.asp in AppIntellect SpotLight CRM 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) login (UserName) and possibly (2) password parameter. NOTE: some of these details are obtained from third party information.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Spotlight_crm | Appintellect | 1.0 (including) | 1.0 (including) |