Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1314

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-1314
Last Modified 05 Sep 2008 12:00:00
Published 12 Mar 2008 01:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1314

Summary

SQL injection vulnerability in the Johannes Hass gaestebuch 2.2 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to modules.php.

Vulnerable Systems

Application

  • Johannes Hass Gaestebuch Module 2.2


References

XF - gaestebuch-id-sql-injection(40975)

BID - 28063

BUGTRAQ - 20080301 PHP-Nuke Copyright 2005 SQL

MISC - http://cod3rz.helloweb.eu/exploits/gaestebuch.txt


Last Updated: 27 May 2016 10:47:06