Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3199

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3199
Last Modified 10 Sep 2008 03:45:50
Published 14 Oct 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3199

Summary

Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the (1) txtLogin and (2) txtPassword parameters.

Vulnerable Systems

Application

  • Aspready Faq Manager


References

XF - aspreadyfaq-aradmin-sql-injection(22538)

BID - 15022

SECUNIA - 17091

BUGTRAQ - 20051006 aspReady FAQ - open for SQL-injections

OSVDB - 19917

SECTRACK - 1015015

SREASON - 52


Last Updated: 27 May 2016 10:40:50