PT-2005-1918 · Dream4 · Dream4 Koobi Cms

Publicado

2005-03-26

Atualizado

2008-09-05

CVE-2005-0890

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Dream4 Koobi CMS version 4.2.3

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the area parameter.

Recommendations For Dream4 Koobi CMS version 4.2.3, avoid using the area parameter in affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-0890

Produtos afetados

Dream4 Koobi Cms

PT-2005-1918 · Dream4 · Dream4 Koobi Cms

CVE-2005-0890

Identificadores relacionados

Produtos afetados

Referências · 8