SecuritySpace - CVE-2005-2675

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2005-2675

Description: ** DISPUTED ** Note: the vendor has disputed this issue. Multiple SQL injection vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to execute arbitrary SQL commands via the (1) s or (2) m parameter to forums.php, (3) o, (4) w, (5) s, or (6) p parameter to list.php, (7) m parameter to journal.php, (8) x or (9) n parameter to forums.php, or (10) w parameter to links.php. NOTE: this issue has been disputed by the vendor, who says "None of the tricks written there are working, the variables are properly sanitized and no LDU version is affected."

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2005-2675
BugTraq ID: 14618
http://www.securityfocus.com/bid/14618
Bugtraq: 20050820 Bugs Land Down Under v800 (Google Search)
http://marc.info/?l=bugtraq&m=112456235729717&w=2
http://www.neocrome.net
http://securitytracker.com/id?1014747

CVE ID:	CVE-2005-2675
Description:	DISPUTED Note: the vendor has disputed this issue. Multiple SQL injection vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to execute arbitrary SQL commands via the (1) s or (2) m parameter to forums.php, (3) o, (4) w, (5) s, or (6) p parameter to list.php, (7) m parameter to journal.php, (8) x or (9) n parameter to forums.php, or (10) w parameter to links.php. NOTE: this issue has been disputed by the vendor, who says "None of the tricks written there are working, the variables are properly sanitized and no LDU version is affected."
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2675 BugTraq ID: 14618 http://www.securityfocus.com/bid/14618 Bugtraq: 20050820 Bugs Land Down Under v800 (Google Search) http://marc.info/?l=bugtraq&m=112456235729717&w=2 http://www.neocrome.net http://securitytracker.com/id?1014747