Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5704

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-5704
Last Modified 05 Sep 2008 05:31:27
Published 29 Oct 2007 06:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5704

Summary

Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow remote attackers to execute arbitrary SQL commands via the (1) Email Address and (2) Password fields in (a) login.asp and (b) admin_login.asp.

Vulnerable Systems

Application

  • Codewidgets Online Event Registration Template


References

BID - 26192

BUGTRAQ - 20071023 [Aria-Security.Net] CodeWidgets.Com Online Event Registration Multiple login SQL Injection

SECUNIA - 27375

XF - eventregistration-login-sql-injection(37424)

OSVDB - 38168

OSVDB - 38167

SREASON - 3313


Last Updated: 27 May 2016 10:46:14