Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1122

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-1122
Last Modified 31 Oct 2008 12:00:00
Published 03 Mar 2008 05:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1122

Summary

SQL injection vulnerability in the downloads module in Koobi Pro 5.7 allows remote attackers to execute arbitrary SQL commands via the categ parameter to index.php. NOTE: it was later reported that this also affects Koobi CMS 4.2.4, 4.2.5, and 4.3.0.

Vulnerable Systems

Application

  • Dream4 Koobi Pro 5.7


References

XF - koobi-categ-sql-injection(40903)

BID - 28031

BUGTRAQ - 20080415 Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities

MILW0RM - 5447

MILW0RM - 5198


Last Updated: 27 May 2016 10:47:02