Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2083

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-2083
Last Modified 29 Jan 2009 01:49:11
Published 05 May 2008 01:20:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2083

Summary

SQL injection vulnerability in directory.php in Prozilla Hosting Index, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.

Vulnerable Systems

Application

  • Prozilla Hosting Index


References

BID - 28970

BUGTRAQ - 20080428 [ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerability

MILW0RM - 5516

SREASON - 3853

SECUNIA - 29936

XF - hostingindex-directory-sql-injection(42269)


Last Updated: 27 May 2016 10:47:45