Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2521

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2008-2521
Last Modified 02 Apr 2009 01:34:58
Published 03 Jun 2008 11:32:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-2521

Summary

SQL injection vulnerability in members.php in YABSoft Mega File Hosting Script (aka MFH or MFHS) 1.2 allows remote authenticated users to execute arbitrary SQL commands via the fid parameter.

Vulnerable Systems

Application

  • Yabsoft Mega File Hosting Script 1.2


References

XF - megafile-members-sql-injection(42355)

BID - 29167

MILW0RM - 5598

SECUNIA - 30210


Last Updated: 27 May 2016 10:47:54