SQL injection vulnerability in importcc.php for CitrusDB 0.3.6 and earlier allows remote attackers to inject data via the fields of a CSV file.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N
Vendors Products
Citrusdb
  • Citrusdb

Configuration 1 [-]

cpe:2.3:a:citrusdb:citrusdb:*:*:*:*:*:*:*:*
References
Link Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031709.html
http://www.redteam-pentesting.de/advisories/rt-sa-2005-004.txt Exploit Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2005-02-16T05:00:00

Updated: 2005-06-04T09:00:00

Reserved: 2005-02-14T00:00:00

Link: CVE-2005-0410

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2005-02-14T05:00:00.000

Modified: 2008-09-10T19:35:31.290

Link: CVE-2005-0410

JSON object: View

cve-icon Redhat Information

No data.

CWE