Full title: Xinet Elegant 6 Asset Library Web Interface 6.1.655 SQL Injection Vulnerability 
Category: web applications
Platform: windows
NAPC Xinet (interface) Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginForm[username] field when double quotes are used.

# 0day.today @ http://0day.today/