Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6641


Vulnerability Score 6.5 6.5
CVE Id CVE-2008-6641
Last Modified 07 Apr 2009 12:00:00
Published 07 Apr 2009 10:17:17
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE



Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remote authenticated administrators to execute arbitrary SQL commands via the sid parameter to (1) kanal.asp, (2) google.asp, and (3) hakk.asp in yonet/; and allow remote attackers to execute arbitrary SQL commands via the (4) username or (5) password fields to yonet/default.asp.

Vulnerable Systems


  • Aspindir Shader Tv


XF - shadertv-sid-sql-injection(42261)

BID - 29091

MILW0RM - 5564

Last Updated: 27 May 2016 10:49:16