Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2143

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-2143
Last Modified 05 Sep 2008 04:43:19
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2143

Summary

SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and earlier allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in the com_remository option.

Vulnerable Systems

Application

  • Mambo Portal 4.5.1 1.0.9


References

CONFIRM - http://www.mamboportal.com/content/view/1615/

SECTRACK - 1011356

SECUNIA - 12597

XF - remository-filecatid-sql-injection(17441)

BID - 11219

OSVDB - 10040

BUGTRAQ - 20040919 Re: Mambo Portal lasted version 4.5.1 (1.09) and lower vesion : SQL injection Vulnerability.

BUGTRAQ - 20040917 Mambo Portal lasted version 4.5.1 (1.09) and lower vesion : SQL injection Vulnerability.


Last Updated: 27 May 2016 10:39:22