HTTP: Immobilier CGI SQL Injection
This signature detects attempts to exploit a SQL injection vulnerability in the Immobilier program. Immobilier 1.0 and earlier versions are vulnerable. Attackers can submit a maliciously crafted URL to the Web server to view and/or modify the database.
Extended Description
SQL injection vulnerability in agentadmin.php in Immobilier allows remote attackers to execute arbitrary SQL commands via the (1) agentname or (2) agentpassword parameter.
Affected Products
Phpsecure.org immobilier
Short Name
HTTP:SQL:INJ:AGENT-ADMIN
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CGI CVE-2002-2305 Immobilier Injection SQL
Release Date
08/01/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Phpsecure.org
CVSS Score
7.5