Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-100031

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2014-100031
Last Modified 14 Jan 2015 02:57:35
Published 13 Jan 2015 10:59:32
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-100031

Summary

Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php.

Vulnerable Systems

Application

  • Ismail Fahmi Ganesha Digital Library 4.2


References

XF - ganesha-gdl-sql-injection(91554)

SECUNIA - 57171

MISC - http://packetstormsecurity.com/files/125464


Last Updated: 27 May 2016 11:07:32