Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4701


Vulnerability Score 6.8 6.8
CVE Id CVE-2008-4701
Last Modified 22 Jul 2009 12:00:00
Published 22 Oct 2008 06:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



SQL injection vulnerability in admin.php in Libera CMS 1.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_user cookie parameter, a different vector than CVE-2008-4700. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems


  • Liberiacms Liberia Cms 1.00

  • Liberiacms Liberia Cms 1.10

  • Liberiacms Liberia Cms 1.11

  • Liberiacms Liberia Cms 1.12


XF - libera-adminphp-sql-injection(46071)

XF - libera-admin-sql-injection(45011)

BID - 31102

SECUNIA - 31811

Last Updated: 27 May 2016 10:48:36