Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3509

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3509
Last Modified 07 Mar 2011 09:26:37
Published 06 Nov 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3509

Summary

Multiple SQL injection vulnerabilities in JPortal allow remote attackers to execute arbitrary SQL commands via (1) banner.php or the id parameter to (2) print.php, (3) comment.php, and (4) news.php.

Vulnerable Systems

Application

  • Jportal Web Portal 2.2.1

  • Jportal Web Portal 2.3.1


References

VUPEN - ADV-2005-2310

BID - 15324

MISC - http://www.security.nnov.ru/Kdocument105.html

MISC - http://foro.elhacker.net/index.php?topic=93436.0


Last Updated: 27 May 2016 10:40:56