CVE-2006-5285

SQL injection vulnerability in index.php in XeoPort 0.81, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the xp_body_text parameter.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-13 03:07:00.000-04
Last Modified2018-10-17 05:42:00.000-04

Vulnerable Software List

VendorProductVersions
Xeoport Xeoport 0.81

References

SourceLink
FULLDISC20061012 XeoPort <= 0.81 SQL Injection Vulnerability
SREASON1735
SECTRACK1017055
BUGTRAQ20061012 XeoPort <= 0.81 SQL Injection Vulnerability
BID20475
XFxeoport-index-sql-injection(29479)