Security Advisory
CVE-2005-3385
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
SQL injection vulnerability in Techno Dreams Mailing List script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.