Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6091

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-6091
Last Modified 15 Nov 2008 02:03:18
Published 21 Nov 2007 07:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6091

Summary

Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System (JBS) 2.0, and possibly JiRo's Upload Manager (aka JiRo's Upload System or JUS), allow remote attackers to execute arbitrary SQL commands via the (1) Username (aka Login or Email) or (2) Password field.

Vulnerable Systems

Application

  • Jiro Banner System 2.0


References

BID - 26479

BUGTRAQ - 20071117 JiRo´s Upload Manager SQL Injection

SECUNIA - 27713

OSVDB - 38741

OSVDB - 38740

SREASON - 3384


Last Updated: 27 May 2016 10:46:22