Lucene search

[email protected]CVE-2008-0829

HistoryFeb 19, 2008 - 9:44 p.m.

CVE-2008-0829

2008-02-1921:44:00

CWE-89

[email protected]

web.nvd.nist.gov

sql injection

jooget.php

remote attackers

joomla

mambo

nvd

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

37.3%

JSON

SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task.

CPENameOperatorVersion
joomlapixel:joogetjoomlapixel joogeteq2.6.8
mambo:mambomamboeq*
joomla:joomlajoomlaeq*

CPE	Name	Operator	Version
joomlapixel:jooget	joomlapixel jooget	eq	2.6.8
mambo:mambo	mambo	eq	*
joomla:joomla	joomla	eq	*

References

forum.joomlaitalia.com/index.php?topic=388.0

members.joomlapixel.eu/download/componenti/patch-jooget-2.6.8-sql-injection/details.html

secunia.com/advisories/28998

www.securityfocus.com/bid/27836

www.exploit-db.com/exploits/5132

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

37.3%

JSON

Related for CVE-2008-0829

cvelist1 prion1