VULHUB ™

Pascal Michaud's ASP Client Check is a ASP script designed to provide username/password authentication for arbitrary web services. A SQL injection vulnerability has been reported in some versions of ASP Client Check. User supplied input is not sanitized before being used in a SQL query. Consequently, query modification using malformed input is possible. It has been reported that exploitation of this vulnerability may allow for authentication for any known username to be bypassed.

Pascal Michaud's ASP Client Check is a ASP script designed to provide username/password authentication for arbitrary web services. A SQL injection vulnerability has been reported in some versions of ASP Client Check. User supplied input is not sanitized before being used in a SQL query. Consequently, query modification using malformed input is possible. It has been reported that exploitation of this vulnerability may allow for authentication for any known username to be bypassed.