Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4037

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4037
Last Modified 07 Mar 2011 09:27:35
Published 06 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4037

Summary

SQL injection vulnerability in functions.php in Web4Future Affiliate Manager PRO 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter.

Vulnerable Systems


References

VUPEN - ADV-2005-2745

XF - affiliatemanager-functions-sql-injection(23415)

BID - 15717

OSVDB - 21457

SECUNIA - 17883

MISC - http://pridels0.blogspot.com/2005/12/web4future-affiliate-manager-pro-sql.html


Last Updated: 27 May 2016 10:41:09