Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6220

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6220
Last Modified 07 Feb 2012 12:00:00
Published 20 Feb 2009 04:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6220

Summary

SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the pass parameter.

Vulnerable Systems

Application

  • Cafuego Simple Document Management System 1.1.4

  • Cafuego Simple Document Management System 1.1.5

  • Sdms Simple Document Management System 1.1.4

  • Sdms Simple Document Management System 1.1.5


References

XF - sdms-login-sql-injection(46342)

BID - 32114

MILW0RM - 6987

SECUNIA - 32502


Last Updated: 27 May 2016 10:57:24