Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5630

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-5630
Last Modified 07 Mar 2011 10:14:52
Published 17 Dec 2008 12:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5630

Summary

SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 3 and 3.1.4 allows remote attackers to execute arbitrary SQL commands via the umprof_status parameter.

Vulnerable Systems

Application

  • Qualityunit Post Affiliate Pro 3.0

  • Qualityunit Post Affiliate Pro 3.1.4


References

XF - postaffiliatepro-index-sql-injection(46887)

VUPEN - ADV-2008-3271

BID - 32487

MILW0RM - 7238

SREASON - 4780

SECUNIA - 32898


Last Updated: 27 May 2016 10:48:52