CVE-2005-0302

Description

SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to execute arbitrary SQL commands via the referer field in the HTTP header.

Affected Software
References

Software	From	Fixed in
comersus_open_technologies / comersus_backoffice_lite	6.0	6.0.x
comersus_open_technologies / comersus_backoffice_lite	6.1	6.1.x

http://marc.info/?l=bugtraq&m=110636597832556&w=2
http://www.securiteam.com/windowsntfocus/5TP0Q0UEKI.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/19013

Severity: High

CVE: CVE-2005-0302
Published: May 2, 2005
Updated: Apr 13, 2023
Exploit:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE-2005-0302

Description

Details

CVSS v2