Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1990

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-1990
Last Modified 29 Jan 2009 01:48:54
Published 27 Apr 2008 05:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1990

Summary

Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) cID parameter to default.asp and the (2) username parameter to main_login2.asp.

Vulnerable Systems

Application

  • Acidcat Cms 3.4.1


References

XF - acidcat-default-sql-injection(41918)

BID - 28868

BUGTRAQ - 20080420 Acidcat CMS Multiple Vulnerabilities

MILW0RM - 5478

SREASON - 3842

SECUNIA - 29916

MISC - http://bugreport.ir/index.php?/36


Last Updated: 27 May 2016 10:47:42