Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5958

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-5958
Last Modified 07 Mar 2011 10:15:30
Published 23 Jan 2009 02:00:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5958

Summary

Multiple SQL injection vulnerabilities in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp.

Vulnerable Systems

Application

  • Activewebsoftwares Active Test 2.1


References

XF - activetest-quizid-sql-injection(46919)

VUPEN - ADV-2008-3299

BID - 32547

MILW0RM - 7295

SECUNIA - 32902

OSVDB - 50407

OSVDB - 50406

OSVDB - 50405


Last Updated: 27 May 2016 10:49:00