Vulnerabilities > CVE-2005-1128 - SQL-Injection vulnerability in Virtual Hosting Control System Virtual Hosting Control System 2.2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
virtual-hosting-control-system

Summary

Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via certain inputs from HTTP POST queries.