Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1316

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2009-1316
Last Modified 28 Apr 2009 01:39:28
Published 17 Apr 2009 10:08:51
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1316

Summary

Multiple SQL injection vulnerabilities in AbleSpace 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to events_view.php and the (2) id parameter to events_clndr_view.php.

Vulnerable Systems

Application

  • Abk-soft Ablespace 1.0


References

BID - 34512

BUGTRAQ - 20090414 [DSECRG-09-037] abk-soft AbleSpace CMS 1.0 - Multiple security vulnerabilities

MILW0RM - 8424

SECUNIA - 34663

MISC - http://dsecrg.com/pages/vul/show.php?id=137


Last Updated: 27 May 2016 10:50:32