Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1613

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-1613
Last Modified 05 Sep 2008 12:00:00
Published 22 Apr 2008 12:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1613

Summary

SQL injection vulnerability in ioRD.asp in RedDot CMS 7.5 Build 7.5.0.48, and possibly other versions including 6.5 and 7.0, allows remote attackers to execute arbitrary SQL commands via the LngId parameter.

Vulnerable Systems

Application

  • Reddot Cms 6.5

  • Reddot Cms 7.0

  • Reddot Cms 7.5


References

XF - reddot-iord-sql-injection(41924)

BID - 28872

BUGTRAQ - 20080421 IRM Security Advisory : RedDot CMS SQL injection vulnerability

MILW0RM - 5482

MISC - http://www.irmplc.com/index.php/167-Advisory-026

SECUNIA - 29843


Last Updated: 27 May 2016 10:47:36