Vulnerabilities > CVE-2005-1943 - SQL Injection vulnerability in Loki Download Manager Default.ASP

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
loki
exploit available

Summary

Multiple SQL injection vulnerabilities in Loki download manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) password field to default.asp or (2) cat parameter to catinfo.asp.

Vulnerable Configurations

Part Description Count
Application
Loki
1

Exploit-Db

  • descriptionLoki Download Manager 2.0 Catinfo.ASP SQL Injection Vulnerability. CVE-2005-1943. Webapps exploit for asp platform
    idEDB-ID:25805
    last seen2016-02-03
    modified2005-06-08
    published2005-06-08
    reporterhack_912
    sourcehttps://www.exploit-db.com/download/25805/
    titleLoki Download Manager 2.0 Catinfo.ASP SQL Injection Vulnerability
  • descriptionLoki Download Manager 2.0 Default.ASP SQL Injection Vulnerability. CVE-2005-1943. Webapps exploit for asp platform
    idEDB-ID:25804
    last seen2016-02-03
    modified2005-06-08
    published2005-06-08
    reporterhack_912
    sourcehttps://www.exploit-db.com/download/25804/
    titleLoki Download Manager 2.0 Default.ASP SQL Injection Vulnerability