CVE-2005-4495

SQL injection vulnerability in index.cfm in SpireMedia mx7 allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: the vendor has disputed this issue, stating "This information is incorrect, unproven, and potentially slanderous." However, CVE and OSVDB have both...

CVE-2005-4495

SQL injection vulnerability in index.cfm in SpireMedia mx7 allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: the vendor has disputed this issue, stating "This information is incorrect, unproven, and potentially slanderous." However, CVE and OSVDB have both...

CVE-2005-4495

The advisory concerns SpireMedia mx7, specifically the index.cfm script, where the cid parameter is vulnerable to SQL injection. The root cause is untrusted input used in SQL queries, enabling remote attackers to potentially run arbitrary SQL commands. Some sources also suggest this may illuminat...

PT-2005-5178 · Spiremedia · Spiremedia Mx7

Name of the Vulnerable Software and Affected Versions: SpireMedia mx7 affected versions not specified Description: A SQL injection issue in index.cfm allows remote attackers to potentially execute arbitrary SQL commands via the cid parameter. This might also lead to path disclosure from invalid S...

SpireMedia CMS SQL inj. vuln.

SpireMedia CMS SQL inj. vuln. Vuln. discovered by : r0t Date: 21 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/spiremedia-cms-sql-inj-vuln.html vendor:http://www.spiremedia.com/ affected version:mx7 Product Description: The SpireMedia CMS is an enterprise class Content Management...