CVE-2008-5882
published 2009-01-09CVE-2008-5882: SQL injection vulnerability in login.asp in Citrix Application Gateway - Broadcast Server (BCS) before 6.1, as used by Avaya AG250 - Broadcast Server before…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
SQL injection vulnerability in login.asp in Citrix Application Gateway - Broadcast Server (BCS) before 6.1, as used by Avaya AG250 - Broadcast Server before 2.0 and possibly other products, allows remote attackers to execute arbitrary SQL commands via the txtUID parameter.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| avaya | broadcast_server | <= 2.0 | — |
| citrix | broadcast_server | <= 6.0 | — |
| citrix | xenserver | — | — |