Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4478

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4478
Last Modified 08 Sep 2011 12:00:00
Published 22 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4478

Summary

Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) menuid parameter to (a) index.php and (b) guestbook.php, and the (2) forumid and (3) reporeid_print parameters to (c) print.php.

Vulnerable Systems

Application

  • Papoo 2.1.2


References

VUPEN - ADV-2005-3046

BID - 16020

OSVDB - 21871

OSVDB - 21870

OSVDB - 21869

SECUNIA - 18152

MISC - http://pridels0.blogspot.com/2005/12/papoo-multiple-sql-vuln.html


Last Updated: 27 May 2016 10:41:19