Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4563

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4563
Last Modified 05 Sep 2008 04:57:11
Published 29 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4563

Summary

SQL injection vulnerability in main.php in Enterprise Heart Enterprise Connector 1.0.2 allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the loginid parameter, a different vulnerability than CVE-2005-3875.

Vulnerable Systems

Application

  • Enterprise Heart Enterprise Connector 1.0.2


References

BID - 15984

BUGTRAQ - 20051220 Enterprise Connector v.1.02 Multiple SQL Vulnerabilities and Login Bypass

XF - enterpriseconnector-main-sql-injection(23845)

OSVDB - 22163

SREASON - 278

SECUNIA - 17743

FULLDISC - 20051220 Enterprise Connector v.1.02 Multiple SQL


Last Updated: 27 May 2016 10:41:20