Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4232

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4232
Last Modified 12 Dec 2012 09:46:15
Published 14 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4232

Summary

** DISPUTED ** SQL injection vulnerability in index.php in Jamit Job Board 2.4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the vendor has disputed this issue, saying "The vulnerability is without any basis and did not actually work." CVE has not verified either the vendor or researcher statements, but the original researcher is known to make frequent mistakes when reporting SQL injection.

Vulnerable Systems

Application

  • Jamit Job Board 2.4.1


References

VUPEN - ADV-2005-2879

BID - 15848

OSVDB - 21687

SECUNIA - 18007

MISC - http://pridels0.blogspot.com/2005/12/jamit-job-board-24x-sql-inj.html

VIM - 20060814 vendor dispute: 21687: Jamit Job Board index.php cat Variable SQL Injection (fwd)


Last Updated: 27 May 2016 11:01:27