Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1400

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2015-1400
Last Modified 04 Feb 2015 11:58:43
Published 03 Feb 2015 11:59:16
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-1400

Summary

SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter.

Vulnerable Systems

Application

  • Npds Revolution 13.0


References

CONFIRM - http://www.npds.org/viewtopic.php?topic=26233&forum=12

CONFIRM - http://www.npds.org/viewtopic.php?topic=26189&forum=12

MISC - http://websecgeeks.com/npds-cms-sql-injection/

MISC - http://packetstormsecurity.com/files/130179/NPDS-CMS-Revolution-13-SQL-Injection.html


Last Updated: 27 May 2016 11:07:42