SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allows remote attackers to execute arbitrary SQL commands via the memKey parameter.
Software | From | Fixed in |
---|---|---|
maxwebportal / maxwebportal | 1.35 | 1.35.x |
maxwebportal / maxwebportal | 1.36 | 1.36.x |
maxwebportal / maxwebportal | 2.0 | 2.0.x |
maxwebportal / maxwebportal | 2005-04-18 | 2005-04-18.x |