Lucene search

[email protected]CVE-2008-2084

HistoryMay 05, 2008 - 5:20 p.m.

CVE-2008-2084

2008-05-0517:20:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-2084

sql injection

myarticles 0.6

runcms

vulnerability

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

27.6%

JSON

SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a listarticles action.

Affected configurations

NVD

Node

myarticlesmyarticlesMatch0.6beta1

runcmsmyarticles_moduleMatch0.6beta1

CPENameOperatorVersion
myarticles:myarticlesmyarticleseq0.6
runcms:myarticles_moduleruncms myarticles moduleeq0.6

CPE	Name	Operator	Version
myarticles:myarticles	myarticles	eq	0.6
runcms:myarticles_module	runcms myarticles module	eq	0.6

References

www.securityfocus.com/bid/28952

exchange.xforce.ibmcloud.com/vulnerabilities/42016

www.exploit-db.com/exploits/5505

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

27.6%

JSON

Related for CVE-2008-2084

nvd1 prion1 cvelist1