Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 7.5
CVE Id CVE-2006-1353
Last Modified 07 Mar 2011 09:32:51
Published 21 Mar 2006 09:02:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1353

Summary

Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the downloadid parameter in download_click.asp and (2) content_ID parameter in news/News_Item.asp; authenticated administrators can also conduct attacks via (3) user_id parameter to users/add_edit_user.asp, (4) bannerid parameter to banner_adds/banner_add_edit.asp, (5) cat_id parameter to categories/add_edit_cat.asp, (6) Content_ID parameter to News/add_edit_news.asp, (7) download_id parameter to downloads/add_edit_download.asp, (8) Poll_ID parameter to poll/add_edit_poll.asp, (9) contactid parameter to contactus/contactus_add_edit.asp, (10) sortby parameter to poll/poll_list.asp, and (11) unspecified inputs to downloads/add_edit_download.asp.

Vulnerable Systems

Application

  • Aspportal 3.0.0

  • Aspportal 3.1.0

  • Aspportal 3.1.1


References

VUPEN - ADV-2006-1014

MISC - http://www.nukedx.com/?viewdoc=21

MILW0RM - 1597

SECUNIA - 19286

XF - aspportal-multiple-aspscripts-sql-injection(25346)

BID - 17174

BUGTRAQ - 20060322 Re: [SPAM:] - ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses

BUGTRAQ - 20060321 ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities

OSVDB - 24092

OSVDB - 24091

OSVDB - 24090

OSVDB - 24089

OSVDB - 24088

OSVDB - 24087

OSVDB - 24086

OSVDB - 24085

OSVDB - 24084

OSVDB - 24020

SREASON - 608


Last Updated: 27 May 2016 10:42:02