Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4040

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4040
Last Modified 08 Aug 2011 12:00:00
Published 06 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4040

Summary

SQL injection vulnerability in FileLister 0.51 and earlier allows remote attackers to execute arbitrary SQL commands via the search parameters, possibly the searchwhat parameter to definesearch.jsp.

Vulnerable Systems

Application

  • Tawbaware Filelister 0.51


References

XF - filelister-definesearch-xss(23418)

VUPEN - ADV-2005-2725

BID - 15706

OSVDB - 21476

OSVDB - 21416

SECUNIA - 17821

MISC - http://pridels0.blogspot.com/2005/12/filelister-sql-inj-vuln.html


Last Updated: 27 May 2016 10:41:09