CVE

Id
33537  
CVE No.
CVE-2008-3420  
Status
Candidate  
Description
Multiple SQL injection vulnerabilities in Mobius for Mimsy XG 1 1.4.4.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to browse.php or (2) the s parameter in an exhibitions action to detail.php.  
Phase
Assigned (20080731)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
365118 33537 CVE-2008-3420 MILW0RM:6138  View
365119 33537 CVE-2008-3420 URL:http://www.milw0rm.com/exploits/6138  View
365120 33537 CVE-2008-3420 BID:30382  View
365121 33537 CVE-2008-3420 URL:http://www.securityfocus.com/bid/30382  View
365122 33537 CVE-2008-3420 SECUNIA:31247  View
365123 33537 CVE-2008-3420 URL:http://secunia.com/advisories/31247  View
365124 33537 CVE-2008-3420 SREASON:4097  View
365125 33537 CVE-2008-3420 URL:http://securityreason.com/securityalert/4097  View
365126 33537 CVE-2008-3420 XF:mobius-browse-detail-sql-injection(44019)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
48013 JVNDB-2008-003323 Condor におけるアクセス制限を回避される脆弱性 Condor は、認可ポリシーリストの ALLOW_WRITE、DENY_WRITE、HOSTALLOW_WRITE または HOSTDENY_WRITE 設定変数のワイルドカードを適切に処理しないため、アクセス制限を回避される脆弱性が存在します。 CVE-2008-3424 33537 7.5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003323.html  View