Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4408

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4408
Last Modified 20 Sep 2008 12:43:06
Published 20 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4408

Summary

Multiple SQL injection vulnerabilities in Miraserver 1.0 RC4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) id parameter to newsitem.php, and (3) cat parameter to article.php.

Vulnerable Systems

Application

  • Pc Media Miraserver 1.0 Rc4


References

BID - 15960

OSVDB - 21838

OSVDB - 21837

OSVDB - 21836

SECUNIA - 18110

MISC - http://pridels0.blogspot.com/2005/12/miraserver-sql-vuln.html


Last Updated: 27 May 2016 10:41:18