Lucene search

[email protected]CVE-2008-0453

HistoryJan 25, 2008 - 12:00 a.m.

CVE-2008-0453

2008-01-2500:00:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-0453

sql injection

easysitenetwork recipe

list.php

categoryid

vulnerability

nvd

8.4 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

38.8%

JSON

SQL injection vulnerability in list.php in Easysitenetwork Recipe allows remote attackers to execute arbitrary SQL commands via the categoryid parameter.

Affected configurations

NVD

Node

easysitenetworkrecipe_website_script

CPENameOperatorVersion
easysitenetwork:recipe_website_scripteasysitenetwork recipe website scripteq*

CPE	Name	Operator	Version
easysitenetwork:recipe_website_script	easysitenetwork recipe website script	eq	*

References

www.securityfocus.com/bid/27405

exchange.xforce.ibmcloud.com/vulnerabilities/39853

www.exploit-db.com/exploits/4960

8.4 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

38.8%

JSON

Related for CVE-2008-0453

nvd1 prion1 cvelist1