CVE-2005-4040 Information

Description

SQL injection vulnerability in FileLister 0.51 and earlier allows remote attackers to execute arbitrary SQL commands via the search parameters possibly the searchwhat parameter to definesearch.jsp.

Reference

http://pridels0.blogspot.com/2005/12/filelister-sql-inj-vuln.html http://secunia.com/advisories/17821 http://www.osvdb.org/21416 http://www.osvdb.org/21476 http://www.securityfocus.com/bid/15706 http://www.vupen.com/english/advisories/2005/2725 https://exchange.xforce.ibmcloud.com/vulnerabilities/23418