Lucene search
MitreCVE-2008-2277HistoryMay 16, 2008 - 12:54 p.m.
CVE-2008-2277
2008-05-1612:54:00
CWE-89
mitre
web.nvd.nist.gov
23
cve
2008
2277
sql injection
remote attackers
arbitrary commands
detail.php
feedback and rating script 1.0
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.4
Confidence
Low
EPSS
0.001
Percentile
43.6%
SQL injection vulnerability in detail.php in Feedback and Rating Script 1.0 allows remote attackers to execute arbitrary SQL commands via the listingid parameter.
Affected configurations
Node
cmsnxfeedback_and_rating_scriptMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cmsnx | feedback_and_rating_script | 1.0 | cpe:2.3:a:cmsnx:feedback_and_rating_script:1.0:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2008-2277
2008-05-16 12:54:00
prion
prion
Sql injection
2008-05-16 12:54:00
exploitdb
exploitdb
Feedback and Rating Script 1.0 - 'detail.php' SQL Injection
2008-05-14 00:00:00
cvelist
cvelist
CVE-2008-2277
2008-05-16 10:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.4
Confidence
Low
EPSS
0.001
Percentile
43.6%
Related for CVE-2008-2277