Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3089

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-3089
Last Modified 18 Mar 2009 01:39:23
Published 09 Jul 2008 03:33:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3089

Summary

SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter.

Vulnerable Systems

Application

  • Xpoze Pro 3.06


References

XF - xpoze-user-sql-injection(43607)

BID - 30101

MILW0RM - 6010

SECUNIA - 30926


Last Updated: 27 May 2016 10:48:04