Lucene search
HistoryMay 22, 2008 - 1:09 p.m.
CVE-2008-2416
cve-2008-2416
sql injection
index.php
fichive 1.0
remote attackers
arbitrary sql commands
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.0%
SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php.
Affected configurations
Node
fichivefichiveMatch1.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| fichive:fichive | fichive | eq | 1.0 |
Related
prion
prion
Sql injection
2008-05-22 13:09:00
Sql injection
2008-05-23 15:33:00
cvelist
cvelist
CVE-2008-2416
2008-05-22 10:00:00
CVE-2008-2425
2008-05-23 15:00:00
nvd
nvd
CVE-2008-2416
2008-05-22 13:09:00
CVE-2008-2425
2008-05-23 15:33:00
cve
cve
CVE-2008-2425
2008-05-23 15:33:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.0%
Related for CVE-2008-2416