2007-11-22 00:00:00
mitre
PUBLISHED
Multiple SQL injection vulnerabilities in files/login.asp in JiRos Banner System (JBS) 2.0, and possibly JiRos Upload Manager (aka JiRos Upload System or JUS), allow remote attackers to execute arbitrary SQL commands via the (1) Username (aka Login or Email) or (2) Password field.