Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3953

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3953
Last Modified 03 Oct 2008 12:41:45
Published 01 Dec 2005 01:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3953

Summary

SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers to execute arbitrary SQL commands via the cwhere parameter to (1) index.php and (2) download.php, or (3) ckode parameter to baca.php.

Vulnerable Systems

Application

  • Bedeng Psp 1.1


References

BID - 15583

OSVDB - 21176

OSVDB - 21175

OSVDB - 21174

SECUNIA - 17760

MISC - http://pridels0.blogspot.com/2005/11/bedengpsp-sql-inj-vuln.html


Last Updated: 27 May 2016 10:41:07