Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6656

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6656
Last Modified 19 Aug 2009 01:24:14
Published 07 Apr 2009 10:17:18
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6656

Summary

Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to listings.php and (2) the username field to login.php.

Vulnerable Systems

Application

  • Openautoclassifieds Open Auto Classifieds 1.4.3b


References

XF - openautoclassifieds-listings-sql-injection(42158)

BID - 29027

MILW0RM - 5531

OSVDB - 50256

OSVDB - 50255

CONFIRM - http://freshmeat.net/projects/openauto/releases/277061


Last Updated: 27 May 2016 10:49:16