Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1026

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-1026
Last Modified 24 Feb 2012 11:21:22
Published 07 Feb 2012 07:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-1026

Summary

Multiple SQL injection vulnerabilities in login2.php in XRay CMS 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.

Vulnerable Systems

Application

  • Johannes Ekberg Xray Cms 1.1.1


References

XF - xraycms-login2-sql-injection(73000)

BID - 51870

EXPLOIT-DB - 18467

MISC - http://sourceforge.net/tracker/?func=detail&aid=3488241&group_id=298778&atid=1260461

BUGTRAQ - 20120212 sqlinjection bug in nova cms


Last Updated: 27 May 2016 10:58:19