Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2995

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2995
Last Modified 29 Jan 2009 01:51:57
Published 03 Jul 2008 02:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2995

Summary

Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to execute arbitrary SQL commands via (1) the annuaire parameter to annuaire.php or (2) the username field in admin/login.php.

Vulnerable Systems

Application

  • Phpeasydata 1.5.4


References

BID - 29659

BUGTRAQ - 20080610 PHPEasyData 1.5.4 Multiple Vulnerabilities

SREASON - 3969


Last Updated: 27 May 2016 10:48:04