ID CVE-2005-4366
Summary Multiple SQL injection vulnerabilities in DRZES HMS 3.2 allow remote attackers to execute arbitrary SQL commands via the (1) plan_id parameter to (a) domains.php, (b) viewusage.php, (c) pop_accounts.php, (d) databases.php, (e) ftp_users.php, (f) crons.php, (g) pass_dirs.php, (h) zone_files.php, (i) htaccess.php, and (j) software.php; (2) the customerPlanID parameter to viewplan.php; (3) the ref_id parameter to referred_plans.php; (4) customerPlanID parameter to listcharges.php; and (5) the domain parameter to (k) pop_accounts.php, (d) databases.php, (e) ftp_users.php, (f) crons.php, (g) pass_dirs.php, (h) zone_files.php, (i) htaccess.php, and (j) software.php. NOTE: the viewinvoice.php invoiceID vector is already covered by CVE-2005-4137.
References
Vulnerable Configurations
  • cpe:2.3:a:fad_solutions:drzes_hms:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:fad_solutions:drzes_hms:3.2:*:*:*:*:*:*:*
CVSS
Base: 6.4 (as of 20-09-2008 - 04:42)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:N
refmap via4
bid 15644
misc http://pridels0.blogspot.com/2005/11/drzes-hms-32-multiple-vuln.html
osvdb
  • 21179
  • 21180
  • 21181
  • 21182
  • 21183
  • 21184
  • 21185
  • 21186
  • 21187
  • 21188
  • 21189
  • 21190
  • 21191
  • 21192
Last major update 20-09-2008 - 04:42
Published 20-12-2005 - 01:03
Last modified 20-09-2008 - 04:42
Back to Top