Unrated severityNVD Advisory· Published Nov 22, 2007· Updated Apr 23, 2026

CVE-2007-6091

Description

Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System (JBS) 2.0, and possibly JiRo's Upload Manager (aka JiRo's Upload System or JUS), allow remote attackers to execute arbitrary SQL commands via the (1) Username (aka Login or Email) or (2) Password field.

Affected products

Jiro/Banner System
cpe:2.3:a:jiro:banner_system:2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/26479nvdExploit
osvdb.org/38740nvd
osvdb.org/38741nvd
secunia.com/advisories/27713nvd
securityreason.com/securityalert/3384nvd
www.securityfocus.com/archive/1/483859/100/0/threadednvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000