Lucene search

[email protected]CVE-2004-2008

HistoryMay 08, 2004 - 4:00 a.m.

CVE-2004-2008

2004-05-0804:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

sql injection

nukejokes

security vulnerability

remote code execution

9.2 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

65.0%

JSON

SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to execute arbitrary SQL via the jokeid parameter.

CPENameOperatorVersion
adam_webb:nukejokesadam webb nukejokeseq2.0_beta
adam_webb:nukejokesadam webb nukejokeseq1.7

CPE	Name	Operator	Version
adam_webb:nukejokes	adam webb nukejokes	eq	2.0_beta
adam_webb:nukejokes	adam webb nukejokes	eq	1.7

References

marc.info/?l=bugtraq&m=108404714232579&w=2

secunia.com/advisories/11579

www.securityfocus.com/bid/10306

www.waraxe.us/index.php?modname=sa&id=28

exchange.xforce.ibmcloud.com/vulnerabilities/16099

9.2 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

65.0%

JSON

Related for CVE-2004-2008

cvelist1