CVE

Id
36076  
CVE No.
CVE-2008-5959  
Status
Candidate  
Description
Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or (2) password parameter (aka password field). NOTE: some of these details are obtained from third party information.  
Phase
Assigned (20090123)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
395839 36076 CVE-2008-5959 MILW0RM:7276  View
395840 36076 CVE-2008-5959 URL:http://www.milw0rm.com/exploits/7276  View
395841 36076 CVE-2008-5959 OSVDB:50408  View
395842 36076 CVE-2008-5959 URL:http://osvdb.org/50408  View
395843 36076 CVE-2008-5959 SECUNIA:32902  View
395844 36076 CVE-2008-5959 URL:http://secunia.com/advisories/32902  View
395845 36076 CVE-2008-5959 XF:activetest-start-sql-injection(46921)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
41769 JVNDB-2009-002776 Gravity GTD の library/setup/rpc.php における任意の PHP コードを実行される脆弱性 Gravity Getting Things Done (GTD) の library/setup/rpc.php には、任意の PHP コードを実行される脆弱性が存在します。 CVE-2008-5963 36076 10 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002776.html  View