Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4822

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4822
Last Modified 07 Mar 2011 09:29:03
Published 31 Dec 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4822

Summary

SQL injection vulnerability in projects/project-edit.asp in Digger Solutions Intranet Open Source (IOS) version 2.7.2 allows remote attackers to execute arbitrary SQL commands via the project_id parameter.

Vulnerable Systems


References

XF - diggersolutionsintranet-projectedit-sql-inj(22345)

VUPEN - ADV-2005-1804

BID - 14882

OSVDB - 19574

SECUNIA - 16870

MISC - http://osvdb.org/ref/19/DiggerIOS_Ver_2.7.2_SQL_Injection_Vulnerability.pdf


Last Updated: 27 May 2016 10:41:27