GForge Multiple SQL Injection Vulnerabilities Network Vulnerability

Summary

GForge is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. GForge 4.5.19 and 4.6 b1 are vulnerable other versions may also be affected.

Solution

Update to newer version if available at http://gforge.org/

Severity

Classification

CVE CVE-2008-6189

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

68designs 68kb Multiple Remote File Include Vulnerabilities
ASUS RT56U Router Multiple Vulnerabilities
AWCM CMS Multiple Remote File Include Vulnerabilities
4psa Voipnow Local File Inclusion Vulnerability
appRain CMF SQL Injection And Cross Site Scripting Vulnerabilities

Take action and discover your vulnerabilities