Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3133

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-3133
Last Modified 07 Mar 2011 10:10:15
Published 10 Jul 2008 07:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3133

Summary

SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the password parameter.

Vulnerable Systems

Application

  • Barenuked Cms 1.1.0


References

XF - barenukedcms-index-security-bypass(43471)

XF - barenukedcms-index-sql-injection(43471)

BID - 30011

MILW0RM - 5971

SECUNIA - 30887


Last Updated: 27 May 2016 10:48:05