Vulnerabilities > CVE-2005-4408 - SQL Injection vulnerability in Miraserver
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in Miraserver 1.0 RC4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) id parameter to newsitem.php, and (3) cat parameter to article.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Miraserver 1.0 RC4 article.php cat Parameter SQL Injection. CVE-2005-4408. Webapps exploit for php platform id EDB-ID:26902 last seen 2016-02-03 modified 2005-12-19 published 2005-12-19 reporter r0t source https://www.exploit-db.com/download/26902/ title Miraserver 1.0 RC4 article.php cat Parameter SQL Injection description Miraserver 1.0 RC4 newsitem.php id Parameter SQL Injection. CVE-2005-4408. Webapps exploit for php platform id EDB-ID:26901 last seen 2016-02-03 modified 2005-12-19 published 2005-12-19 reporter r0t source https://www.exploit-db.com/download/26901/ title Miraserver 1.0 RC4 newsitem.php id Parameter SQL Injection description Miraserver 1.0 RC4 index.php page Parameter SQL Injection. CVE-2005-4408 . Webapps exploit for php platform id EDB-ID:26900 last seen 2016-02-03 modified 2005-12-19 published 2005-12-19 reporter r0t source https://www.exploit-db.com/download/26900/ title Miraserver 1.0 RC4 index.php page Parameter SQL Injection