Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4743

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-4743
Last Modified 03 Sep 2012 12:00:00
Published 31 Aug 2012 06:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4743

Summary

Multiple SQL injection vulnerabilities in ssearch.php in Siche search module 0.5 for Zeroboard allow remote attackers to execute arbitrary SQL commands via the (1) ss, (2) sm, (3) align, or (4) category parameters.

Vulnerable Systems

Application

  • Eos.pe Siche Search Module 0.5


References

XF - sichesearch-ssearch-sql-injection(74916)

MISC - http://www.vulnerability-lab.com/get_content.php?id=504

BID - 53035

OSVDB - 81178

BUGTRAQ - 20120414 Siche Search v.0.5 Zerboard - Multiple Web Vulnerabilities


Last Updated: 27 May 2016 11:00:26