Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1336

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-1336
Last Modified 20 Dec 2008 01:52:25
Published 13 Mar 2008 02:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1336

Summary

SQL injection vulnerability in Koobi CMS 4.2.3 through 4.3.0 allows remote attackers to execute arbitrary SQL commands via the categ parameter in a links action to index.php, a different vector than CVE-2008-1122.

Vulnerable Systems

Application

  • Koobi Cms 4.2.3

  • Koobi Cms 4.2.4

  • Koobi Cms 4.2.5

  • Koobi Cms 4.2.6

  • Koobi Cms 4.2.7

  • Koobi Cms 4.2.8

  • Koobi Cms 4.2.9

  • Koobi Cms 4.3.0


References

BUGTRAQ - 20080415 Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities

BUGTRAQ - 20080301 Koobi CMS 4.3.0 - 4.2.3 (categ) Remote SQL Injection Vulnerability

MILW0RM - 5447

MILW0RM - 5206

XF - koobicms-categ-sql-injection(41207)

BID - 28059


Last Updated: 27 May 2016 10:47:07