CVE-2005-4495 Information

Feb 14, 2021 cve

Description

LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks SQL injection vulnerability in index.cfm in SpireMedia mx7 allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: the vendor has disputed this issue stating \This information is incorrect unproven and potentially slanderous.\ However CVE and OSVDB have both performed additional research that suggests that this might be path disclosure from invalid SQL syntax.

Reference

http://pridels0.blogspot.com/2005/12/spiremedia-cms-sql-inj-vuln.html http://www.osvdb.org/22066 http://www.securityfocus.com/bid/16039 http://www.vupen.com/english/advisories/2005/3053

Share on: