Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5306

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-5306
Last Modified 07 Mar 2011 10:14:21
Published 02 Dec 2008 07:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5306

Summary

SQL injection vulnerability in admin/index.php in PG Real Estate Solution allows remote attackers to execute arbitrary SQL commands via the login_lg parameter (username). NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Pilot Group Pg Real Estate Solution Nil


References

XF - realestatesolution-index-sql-injection(46792)

VUPEN - ADV-2008-3239

BID - 32429

MILW0RM - 7200

SREASON - 4674

SECUNIA - 32841


Last Updated: 27 May 2016 10:48:46