Lucene search
HistoryApr 17, 2008 - 7:05 p.m.
CVE-2008-1869
cve-2008-1869
sql injection
site sift listings
remote attackers
arbitrary sql commands
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.4%
SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-specific.
Affected configurations
Node
site_sift_mediasite_sift_listings
| CPE | Name | Operator | Version |
|---|---|---|---|
| site_sift_media:site_sift_listings | site sift media site sift listings | eq | * |
Related
nvd
nvd
CVE-2008-1869
2008-04-17 19:05:00
nessus
nessus
Site Sift Listings detail.php id Parameter SQL Injection
2008-04-08 00:00:00
cvelist
cvelist
CVE-2008-1869
2008-04-17 17:00:00
prion
prion
Sql injection
2008-04-17 19:05:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.4%
Related for CVE-2008-1869