Lucene search
MitreCVE-2008-1872HistoryApr 17, 2008 - 7:05 p.m.
CVE-2008-1872
2008-04-1719:05:00
CWE-89
mitre
web.nvd.nist.gov
27
cve-2008-1872
sql injection
comdev news publisher
vulnerability
remote attackers
arbitrary commands
arcmonth parameter
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.001
Percentile
30.0%
SQL injection vulnerability in home.news.php in Comdev News Publisher 4.1.2 allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter. NOTE: some of these details are obtained from third party information.
Affected configurations
Node
comdevcomdev_news_publisherMatch4.1.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| comdev | comdev_news_publisher | 4.1.2 | cpe:2.3:a:comdev:comdev_news_publisher:4.1.2:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Comdev News Publisher 4.1.2 - SQL Injection
2008-04-04 00:00:00
prion
prion
Sql injection
2008-04-17 19:05:00
cvelist
cvelist
CVE-2008-1872
2008-04-17 17:00:00
nvd
nvd
CVE-2008-1872
2008-04-17 19:05:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.001
Percentile
30.0%
Related for CVE-2008-1872