Vulnerability Description
SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad Management Software Java allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, related to the uname or pass parameters to logon.jsp or logon_processing.jsp. NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adserversolutions | Ad Management Software | - |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/33072Vendor Advisory
- http://www.securityfocus.com/bid/32790Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47282
- https://www.exploit-db.com/exploits/7424
- http://secunia.com/advisories/33072Vendor Advisory
- http://www.securityfocus.com/bid/32790Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47282
- https://www.exploit-db.com/exploits/7424
FAQ
What is CVE-2008-6365?
CVE-2008-6365 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad Management Software Java allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, related to ...
How severe is CVE-2008-6365?
CVE-2008-6365 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6365?
Check the references section above for vendor advisories and patch information. Affected products include: Adserversolutions Ad Management Software.