Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4175

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2008-4175
Last Modified 20 Aug 2009 01:20:57
Published 23 Sep 2008 11:25:42
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-4175

Summary

Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php.

Vulnerable Systems

Application

  • Linkbidscript 1.5


References

XF - linkbidscript-edit-sql-injection(45155)

XF - linkbidscript-upgrade-sql-injection(45153)

BID - 31191

MILW0RM - 6466

SREASON - 4299

SECUNIA - 31853


Last Updated: 27 May 2016 10:48:24