PT-2005-3561 · Land Down Under · Land Down Under (Ldu) 800
Bl2K
+1
·
Published
2005-08-23
·
Updated
2024-08-07
·
CVE-2005-2675
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Land Down Under (LDU) 800
Description
Multiple SQL injection issues allow remote attackers to execute arbitrary SQL commands via various parameters to different PHP files, including
s or m parameter to "forums.php", o, w, s, or p parameter to "list.php", m parameter to "journal.php", x or n parameter to "forums.php", or w parameter to "links.php". The vendor has disputed this issue, stating that the variables are properly sanitized and no LDU version is affected.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Land Down Under (Ldu) 800