Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5954


Vulnerability Score 6.8 6.8
CVE Id CVE-2008-5954
Last Modified 10 Feb 2009 12:00:00
Published 23 Jan 2009 02:00:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lname parameter in a login action to an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems


  • Ktp Computer Customer Database Nil


XF - ktpccd-lname-sql-injection(46898)

BID - 33520

SECUNIA - 32888

Last Updated: 27 May 2016 10:49:00