Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6950

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6950
Last Modified 12 Aug 2009 12:00:00
Published 12 Aug 2009 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6950

Summary

Multiple SQL injection vulnerabilities in login.asp in Bankoi WebHosting Control Panel 1.20 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field.

Vulnerable Systems

Application

  • Webhost-panel Bankoi Webhosting Control Panel 1.20


References

XF - webhostpanel-login-sql-injection(46637)

BID - 32299

MILW0RM - 7120


Last Updated: 27 May 2016 10:49:24