Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3853

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3853
Last Modified 07 Mar 2011 09:27:16
Published 27 Nov 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3853

Summary

SQL injection vulnerability in snews.php in sNews 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category parameters to index.php.

Vulnerable Systems

Application

  • Solucija Snews 1.2

  • Solucija Snews 1.3


References

VUPEN - ADV-2005-2585

OSVDB - 21093

SECUNIA - 17688

MISC - http://pridels0.blogspot.com/2005/11/snews-13-sql-injection.html


Last Updated: 27 May 2016 10:41:04