Lucene search
MitreCVE-2008-0397HistoryJan 23, 2008 - 12:00 p.m.
CVE-2008-0397
2008-01-2312:00:00
CWE-89
mitre
web.nvd.nist.gov
21
cve
sql injection
aflog
security vulnerability
remote code execution
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
Low
EPSS
0.002
Percentile
60.3%
Multiple SQL injection vulnerabilities in aflog 1.01, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to comments.php and (2) an unspecified parameter to view.php.
Affected configurations
Node
aflog.orgaflogMatch1.01
Related
nvd
nvd
CVE-2008-0397
2008-01-23 12:00:00
prion
prion
Sql injection
2008-01-23 12:00:00
cvelist
cvelist
CVE-2008-0397
2008-01-23 11:00:00
exploitdb
exploitdb
aflog 1.01 - Cross-Site Scripting / SQL Injection
2008-01-22 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
Low
EPSS
0.002
Percentile
60.3%
Related for CVE-2008-0397