Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4178

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-4178
Last Modified 07 Mar 2011 10:12:04
Published 23 Sep 2008 11:25:42
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4178

Summary

SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Downline Goldmine Builder

  • Downline Goldmine Builder Special Category Addon

  • Downline Goldmine Builder Unknown

  • Downline Goldmine New Addon

  • Downline Goldmine New Addon Pro


References

XF - downlinegoldmine-tr-sql-injection(45128)

VUPEN - ADV-2008-2995

VUPEN - ADV-2008-2994

VUPEN - ADV-2008-2993

VUPEN - ADV-2008-2992

BID - 31169

MILW0RM - 6951

MILW0RM - 6950

MILW0RM - 6947

MILW0RM - 6946

SECUNIA - 31812

MISC - http://packetstormsecurity.org/0809-exploits/newdownline-sql.txt

MISC - http://packetstorm.linuxsecurity.com/0809-exploits/downline-sql.txt

MISC - http://packetstorm.linuxsecurity.com/0809-exploits/categoryaddon-sql.txt


Last Updated: 27 May 2016 10:48:24