CVE-2003-1315

Current Description

SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 and earlier allows remote attackers to execute arbitrary SQL commands.

Basic Data

PublishedDecember 31, 2003
Last ModifiedJuly 29, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score7.5
SeverityHIGH
Exploitability Score10.0
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegetrue

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationNeocromeLand Down Under701*******

Vulnerable Software List

VendorProductVersions
Neocrome Land Down Under 701

References

NameSourceURLTags
10396http://secunia.com/advisories/10396SECUNIAVendor Advisory
1008416http://securitytracker.com/id?1008416SECTRACK
http://www.neocrome.net/index.php?m=single&id=76http://www.neocrome.net/index.php?m=single&id=76MISC
http://www.neocrome.net/page.php?id=1250http://www.neocrome.net/page.php?id=1250MISC
2943http://www.osvdb.org/2943OSVDB
9168http://www.securityfocus.com/bid/9168BID
landdownunder-auth-sql-injection(13922)https://exchange.xforce.ibmcloud.com/vulnerabilities/13922XF