|
|
CVE Reference: CVE-2008-4161 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-4161 |
|
|
Description: SQL injection vulnerability in search_inv.php in Assetman 2.5b allows remote attackers to execute arbitrary SQL commands and conduct session fixation attacks via a combination of crafted order and order_by parameters in a search_all action. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/45233 SREASON http://securityreason.com/securityalert/4287 SAID Secunia Advisory: SA31935 MILW0RM http://www.milw0rm.com/exploits/6490 BID 31248 |
|
| Return to the previous page. |
