CVE-2005-1413 Information

Feb 14, 2021 cve

Description

Multiple SQL injection vulnerabilities in enVivo!CMS allow remote attackers to execute arbitrary SQL commands and gain privileges via the (1) username or (2) password parameters to admin_login.asp or the (3) searchstring and possibly (4) ID parameters to default.asp.

Reference

http://digitalparadox.org/viewadvisories.ah?view=37 http://marc.info/?l=full-disclosure&m=118414271202945&w=2 http://secunia.com/advisories/15173 http://securitytracker.com/id?1013843 http://securityvulns.ru/Rdocument425.html http://www.osvdb.org/15964 http://www.osvdb.org/15965 http://www.osvdb.org/15966 http://www.securityfocus.com/bid/13437 http://www.securityfocus.com/bid/13439 http://www.securityfocus.com/bid/13440 http://www.securityfocus.com/bid/24860 https://exchange.xforce.ibmcloud.com/vulnerabilities/20313

Share on: