Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1224

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1224
Last Modified 05 Sep 2008 04:26:00
Published 23 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1224

Summary

get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack.

Vulnerable Systems

Application

  • Les Vanbrunt Adrotate Pro 2.0


References

BID - 3739

BUGTRAQ - 20011223 GOBBLES CGI MARATHON #001

XF - adrotate-sql-execute-commands(7736)


Last Updated: 27 May 2016 10:36:34