Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4264

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4264
Last Modified 07 Mar 2011 09:27:55
Published 15 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4264

Summary

Multiple SQL injection vulnerabilities in index.php in PHP Support Tickets 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields, and (3) id parameter.

Vulnerable Systems

Application

  • Triangle Solutions Php Support Tickets 2.0


References

MISC - http://www.nii.co.in/vuln/PHPSupportTickets.html

SECTRACK - 1015352

VUPEN - ADV-2005-2928

BID - 15853

OSVDB - 21730

SECUNIA - 18067


Last Updated: 27 May 2016 10:41:14