Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5772

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-5772
Last Modified 29 Jul 2009 04:32:30
Published 30 Dec 2008 03:30:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5772

Summary

Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to type.asp and the (2) iPro parameter to detail.asp.

Vulnerable Systems

Application

  • Aspsiteware Realtylistings 1.0

  • Aspsiteware Realtylistings 2.0


References

XF - realtylisting-typedetail-sql-injection(47323)

BID - 32812

MILW0RM - 7464

SREASON - 4848

SECUNIA - 33167

OSVDB - 50708

OSVDB - 50707


Last Updated: 27 May 2016 10:48:55