Open-Audit Multiple Vulnerabilities Network Vulnerability

Summary

Open-Audit is prone to multiple vulnerabilities, including a local file- include vulnerability and multiple SQL-injection, cross-site scripting, and authentication-bypass vulnerabilities. An attacker can exploit these vulnerabilities to steal cookie-based authentication credentials, compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, obtain potentially sensitive information, perform unauthorized actions, or execute arbitrary local scripts in the context of the webserver process other attacks are also possible. Open-Audit 20081013 and 20091223-RC are vulnerable other versions may also be affected.

References

http://www.open-audit.org/index.php
http://www.securityfocus.com/bid/40315

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AlienVault OSSIM SQL Injection and Remote Code Execution Vulnerabilities
Admin Bot 'news.php' SQL Injection Vulnerability
ActivePerl perlIS.dll Buffer Overflow
appRain CMF SQL Injection And Cross Site Scripting Vulnerabilities
A Really Simple Chat Multiple SQL Injection Vulnerabilities

Take action and discover your vulnerabilities