Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2723

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2723
Last Modified 05 Sep 2008 04:52:32
Published 30 Aug 2005 07:45:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2723

Summary

SQL injection vulnerability in auth.php in PaFileDB 3.1, when authmethod is set to cookies, allows remote attackers to execute arbitrary SQL commands via the username value in the pafiledbcookie cookie.

Vulnerable Systems

Application

  • Php Arena Pafiledb 3.1


References

MISC - http://www.security-project.org/projects/board/showthread.php?t=947

BUGTRAQ - 20050824 PaFileDB 3.1 - SQL-Injection

XF - pafiledb-auth-sql-injection(21988)

BID - 14654

SECUNIA - 16566


Last Updated: 27 May 2016 10:40:37