Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6225

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6225
Last Modified 07 Mar 2011 10:15:55
Published 20 Feb 2009 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6225

Summary

** DISPUTED ** SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote attackers to execute arbitrary SQL commands via the flight parameter. NOTE: the vendor has disputed this issue, stating "crazy hackers and so named Security companies [spread] out such false informations. Such scripts or versions [do not] exist."

Vulnerable Systems

Application

  • Mole-group Airline Ticket Sale Script -


References

XF - airlineticket-info-sql-injection(46383)

VUPEN - ADV-2008-3027

BID - 32138

MISC - http://www.mole-group.com/content/view/57/72

MILW0RM - 7009

SECUNIA - 32577

OSVDB - 49694


Last Updated: 27 May 2016 10:49:06