Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6487

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6487
Last Modified 12 Aug 2009 01:24:46
Published 18 Mar 2009 11:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6487

Summary

Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields.

Vulnerable Systems

Application

  • Digiappz Digiaffiliate 1.4


References

XF - digiaffiliate-login-sql-injection(46500)

VUPEN - ADV-2008-3068

BID - 32217

MILW0RM - 7067


Last Updated: 27 May 2016 10:49:12