Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6152


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6152
Last Modified 17 Feb 2009 12:00:00
Published 16 Feb 2009 12:30:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



SQL injection vulnerability in deptdisplay.asp in SepCity Faculty Portal allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: this was originally reported for Lawyer Portal, which does not have a deptdisplay.asp file.

Vulnerable Systems


  • Sepcity Faculty Portal -


XF - lawyerportal-deptdisplay-sql-injection(47621)

BID - 33040

MILW0RM - 7610

SECUNIA - 33357

Last Updated: 27 May 2016 10:49:05