SQL Injection Vulnerabilities in Xerox CentreWare Web
CVE-2008-3122

Currently unrated

Key Information:

Vendor: Xerox
Status: Centreware Web
Vendor: CVE Published:; 10 July 2008

What is CVE-2008-3122?

Xerox CentreWare Web (CWW) versions prior to 4.6.46 are susceptible to multiple SQL injection vulnerabilities. These vulnerabilities enable remote authenticated users to manipulate the database through arbitrary SQL commands, which can compromise data integrity and confidentiality. Attackers may exploit these flaws to execute unauthorized actions within the application, leading to potential data breaches. It is crucial for users of affected versions to update promptly to mitigate these risks.

References

http://www.xerox.com/downloads/usa/en/c/cert_XRX08_008.pdf

x_refsource_CONFIRM

http://www.securityfocus.com/bid/30151

vdb-entryx_refsource_BID

http://secunia.com/advisories/30978

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 10, 2008
Vulnerability Reserved
Jul 10, 2008