Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1578

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-1578
Last Modified 03 Nov 2008 01:15:30
Published 02 Apr 2006 05:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1578

Summary

Multiple SQL injection vulnerabilities in Keystone Digital Library Suite (DLS) 1.5.4 and earlier allow remote attackers to execute arbitrary SQL commands via the subject_type_id parameter in (1) the index page and (2) the search module.

Vulnerable Systems

Application

  • Index Data Aps Keystone Digital Library Suite 1.5.4


References

XF - keystonedls-subjecttypeid-sql-injection(25571)

MISC - http://pridels0.blogspot.com/2006/03/keystone-dls-sql-vuln.html


Last Updated: 27 May 2016 10:42:06