CVE-2008-6509
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2008-6509
Status
Candidate
Description
SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp.
Phase
Assigned (23.03.2009)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6509
References
BID :
32189
BUGTRAQ :
20081108 [AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...)
CONFIRM :
http://www.igniterealtime.org/issues/browse/JM-1488
MILW0RM :
7075
MISC :
http://www.andreas-kurtz.de/advisories/AKADV2008-0...
MISC :
http://www.andreas-kurtz.de/archives/63
OSVDB :
51912
VUPEN :
ADV-2008-3061
XF :
openfire-siparklogsummary-sql-injection(46487)
SecurityVulns:
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
