7 lines
No EOL
530 B
Text
7 lines
No EOL
530 B
Text
source: http://www.securityfocus.com/bid/5008/info
|
|
|
|
Ruslan Communications <Body>Builder is a tool designed to assist a user in creating a website. It allows for remote administration through a web interface, and is implemented in Java.
|
|
|
|
Reportedly, user input supplied as the login password is not adequately filtered. A malicious user may include special characters in the supplied password and modify the SQL query used to validate the user. Access to the administrative interface is possible.
|
|
|
|
Use login='-- and pass='-- |