Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6422

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6422
Last Modified 31 May 2013 12:00:00
Published 06 Mar 2009 01:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6422

Summary

Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and 2.3.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) weapon.php and (2) map.php.

Vulnerable Systems

Application

  • Psychostats 2.3

  • Psychostats 2.3.1

  • Psychostats 2.3.3


References

XF - psychostats-id-sql-injection(42770)

BID - 29449

MILW0RM - 5699

SECUNIA - 30464

OSVDB - 45869

OSVDB - 45868


Last Updated: 27 May 2016 10:49:10