OSVDB ID: 40576

Title: Absolute News Manager .NET xlaabsolutenm.aspx Multiple Parameter SQL Injection

Info

Disclosure

Nov 28, 2007

Discovery

Nov 16, 2007

Dates

Exploit

Dec 04, 2007

Solution

Nov 28, 2007

Description

Classification

Location: Remote / Network Access
Attack Type: Information Disclosure, Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Products

Unknown or Incomplete

References

CVE ID: 2007-6269 (see also: NVD)
Bugtraq ID: 26692
Secunia Advisory ID: 27923
Other Advisory URL: http://www.procheckup.com/Vulnerability_PR07-39.php
Vendor Specific News/Changelog Entry: http://www.xigla.com/news/default.aspx
Vendor Specific Solution URL: http://www.xigla.com/security/ANMNET51-SecurityUpdate20071128.zip

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/40576