Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7030

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-7030
Last Modified 26 Aug 2009 12:00:00
Published 24 Aug 2009 06:30:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-7030

Summary

Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.

Vulnerable Systems

Application

  • Site2nite Real Estate Web


References

XF - realestateweb-agentlist-sql-injection(40509)

BID - 27779

BUGTRAQ - 20080213 Provided By Development Solutions SQL Injection Exploit(panel)

OSVDB - 51076


Last Updated: 27 May 2016 10:49:26