Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5774

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-5774
Last Modified 29 Jul 2009 04:32:31
Published 30 Dec 2008 03:30:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5774

Summary

Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to (a) type.asp and (b) type2.asp and the (2) iPro parameter to (c) detail.asp.

Vulnerable Systems

Application

  • Aspsiteware Homebuilder 1.0

  • Aspsiteware Homebuilder 2.0


References

XF - homebuilder-typedetail-sql-injection(47319)

BID - 32812

MILW0RM - 7462

SECUNIA - 33172


Last Updated: 27 May 2016 10:48:55