Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6013

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6013
Last Modified 19 Aug 2009 01:22:53
Published 30 Jan 2009 01:30:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6013

Summary

Multiple SQL injection vulnerabilities in Freeway before 1.4.3.210 allow remote attackers to execute arbitrary SQL commands via unspecified vectors involving the (1) advanced search result and (2) service resource pages.

Vulnerable Systems

Application

  • Openfreeway Freeway 1.0.060

  • Openfreeway Freeway 1.0.25

  • Openfreeway Freeway 1.0.59

  • Openfreeway Freeway 1.1.1.76

  • Openfreeway Freeway 1.1.1.80

  • Openfreeway Freeway 1.1.1.81

  • Openfreeway Freeway 1.2.0.113

  • Openfreeway Freeway 1.3

  • Openfreeway Freeway 1.3.0.142

  • Openfreeway Freeway 1.3.1.142

  • Openfreeway Freeway 1.3.1.147

  • Openfreeway Freeway 1.3.2.154

  • Openfreeway Freeway 1.3.2.160

  • Openfreeway Freeway 1.4

  • Openfreeway Freeway 1.4.0.171

  • Openfreeway Freeway 1.4.1

  • Openfreeway Freeway 1.4.1.171

  • Openfreeway Freeway 1.4.1.197

  • Openfreeway Freeway 1.4.2.197


References

XF - freeway-multiple-sql-injection(45549)

BID - 31508

CONFIRM - http://www.openfreeway.org/download/change-log.html

SECUNIA - 32003


Last Updated: 27 May 2016 10:49:02