CGI abuses : RunCMS <= 1.2 SQL Injection

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.56875

Category: CGI abuses

Title: RunCMS <= 1.2 SQL Injection

Summary: NOSUMMARY

Description: Description:

The remote version of RunCMS, according to its version
number, is vulnerable to multiple SQL injection attacks via the
NewBB_Plus and Messages modules. Attackers have the ability
to compromise the application, disclose or modify data, and
perform attacks against the underlying database.

Versions up to 1.2 are known to be vulnerable.

Solution : Upgrade to a later version.

Risk factor : High

CVSS Score:
7.5

Cross-Ref: BugTraq ID: 14631
Common Vulnerability Exposure (CVE) ID: CVE-2005-2692
http://www.gulftech.org/?node=research&article_id=00094-08192005
http://secunia.com/advisories/16514

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.56875
Category:	CGI abuses
Title:	RunCMS <= 1.2 SQL Injection
Summary:	NOSUMMARY
Description:	Description: The remote version of RunCMS, according to its version number, is vulnerable to multiple SQL injection attacks via the NewBB_Plus and Messages modules. Attackers have the ability to compromise the application, disclose or modify data, and perform attacks against the underlying database. Versions up to 1.2 are known to be vulnerable. Solution : Upgrade to a later version. Risk factor : High CVSS Score: 7.5
Cross-Ref:	BugTraq ID: 14631 Common Vulnerability Exposure (CVE) ID: CVE-2005-2692 http://www.gulftech.org/?node=research&article_id=00094-08192005 http://secunia.com/advisories/16514
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com