Computer Security

CVE-2007-6338
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2007-6338
StatusCandidate
DescriptionSQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote attackers to execute arbitrary SQL commands via the user parameter (username field).  NOTE: some of these details are obtained from third party information.
PhaseAssigned (13.12.2007)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6338
ReferencesBID : 26865
 BUGTRAQ : 20071213 + Trivantis CourseMill Enterprise Learning Management System - SQL Injection - CVE-2007-6338
 MISC : http://packetstorm.linuxsecurity.com/0712-exploits...
 SECUNIA : 28098
 XF : coursemill-userlogin-sql-injection(39031)
SecurityVulns:Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server