Lucene search
HistoryJan 15, 2008 - 8:00 p.m.
CVE-2008-0173
sql injection
gforge
4.6.99
vulnerability
remote execution
rss exports
8.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.6%
SQL injection vulnerability in Gforge 4.6.99 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gforge:gforge | gforge | le | 4.6.99 |
References
Social References
More
Related
securityvulns
securityvulns
[SECURITY] [DSA 1459-1] New gforge packages fix SQL injection
2008-01-15 00:00:00
openvas
openvas
Debian Security Advisory DSA 1459-1 (gforge)
2008-01-31 00:00:00
Debian: Security Advisory (DSA-1459-1)
2008-01-31 00:00:00
ubuntucve
ubuntucve
CVE-2008-0173
2008-01-15 00:00:00
nessus
nessus
Debian DSA-1459-1 : gforge - insufficient input validation
2008-01-14 00:00:00
osv
osv
gforge - SQL injection
2008-01-13 00:00:00
prion
prion
Sql injection
2008-01-15 20:00:00
debian
debian
[SECURITY] [DSA 1459-1] New gforge packages fix SQL injection
2008-01-13 15:07:36
8.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.6%
Related for CVE-2008-0173