Back to search
CVE-2008-0026
Published: Feb 14, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
27775
vdb-entry
x_refsource_BID
28932
third-party-advisory
x_refsource_SECUNIA
cucm-interface-sql-injection(40484)
vdb-entry
x_refsource_XF
20080213 SQL injection in Cisco Unified Communications Manager
vendor-advisory
x_refsource_CISCO
1019404
vdb-entry
x_refsource_SECTRACK
ADV-2008-0542
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now