Vulnerabilities for Cobalt (...) - CXSECURITY.COM

Vulnerabilities for 'Cobalt'

2009-02-19

CVE-2008-6203

SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVE-2008-6202

SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) urun.asp, (2) admin/bayi_listele.asp, (3) admin/urun_grup_listele.asp, and (4) admin/urun_listele.asp.

Copyright 2024, cxsecurity.com