[VIM] Site specific: OSVDB-29901: Kinesis Interactive Cinema System (KICS) index.asp Multiple Login Field SQL Injection

Sullo sullo at cirt.net
Tue Apr 3 01:35:22 UTC 2007


FYI-- This one is site-specific, it seems. We will be deleting our entry.

OSVDB-29901 / CVE-2006-5450
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-5450>

-Sullo


-------- Original Message --------
That's correct, the product is 100% web-based.

Thanks,
-alex

At 01:26 AM 30/03/2007, you wrote:

> So, there is no software that can be downloaded and installed on a
> user's site directly--if I purchase KICS, you provide me a site you
> control to manage my web site?
>
> I want to make sure I understand everything before I make updates to our
> entry, which may have ramifications for the other vulnerability
> databases as well.
>
> Thanks
> Sullo
>
>
> Alex Daniel wrote:
> > Well since it's a web based service, users need not make any changes.
> > We plugged this hole the day it was found last year.
> >
> > Cheers,
> > -alex
> >



More information about the VIM mailing list