Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3598

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-3598
Last Modified 05 Nov 2012 11:07:00
Published 12 Aug 2008 03:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3598

Summary

Multiple SQL injection vulnerabilities in psipuss 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the Cid parameter to categories.php or (2) the Username parameter to login.php.

Vulnerable Systems

Application

  • Psi-labs Psipuss 1.0


References

XF - psipuss-categories-sql-injection(44367)

BID - 30629

MILW0RM - 6226

SREASON - 4140

SECUNIA - 25041

OSVDB - 35500


Last Updated: 27 May 2016 10:53:44