Vulnerabilities > CVE-2005-1096 - SQL Injection vulnerability in Ocean12 Membership Manager Pro

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

ocean12-technologies

NVD

Published: 2005-04-06

Updated: 2017-07-11

Summary

SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to execute arbitrary SQL commands via the UserID parameter.

Vulnerable Configurations

Part	Description	Count
Application	Ocean12_Technologies Ocean12 Technologies Membership Manager PRO *	1

References

http://secunia.com/advisories/14864
http://securitytracker.com/id?1013667
http://www.hackerscenter.com/archive/view.asp?id=1865
http://www.osvdb.org/15307
http://www.securityfocus.com/bid/13049
https://exchange.xforce.ibmcloud.com/vulnerabilities/20015