Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2767

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2008-2767
Last Modified 14 Apr 2009 01:32:38
Published 18 Jun 2008 06:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-2767

Summary

SQL injection vulnerability in search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to execute arbitrary SQL commands via the orderby parameter.

Vulnerable Systems

Application

  • Xigla Absolute Poll Manager Xe


References

XF - absolutepoll-search-sql-injection(43055)

BID - 29672

SREASON - 3950

BUGTRAQ - 20080611 Xigla Multiple Products - Multiple Vulnerabilities

MISC - http://bugreport.ir/index.php?/41


Last Updated: 27 May 2016 10:47:58