Lucene search

[email protected]CVE-2008-2556

HistoryJun 05, 2008 - 9:32 p.m.

CVE-2008-2556

2008-06-0521:32:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-2556

sql injection

php visit counter 0.4

remote attackers

arbitrary sql commands

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

43.8%

JSON

SQL injection vulnerability in read.php in PHP Visit Counter 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the datespan parameter in a read action.

Affected configurations

NVD

Node

hessel_brouwerphp_visit_counterRange≤0.4

CPENameOperatorVersion
hessel_brouwer:php_visit_counterhessel brouwer php visit counterle0.4

CPE	Name	Operator	Version
hessel_brouwer:php_visit_counter	hessel brouwer php visit counter	le	0.4

References

exchange.xforce.ibmcloud.com/vulnerabilities/42789

www.exploit-db.com/exploits/5703

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

43.8%

JSON

Related for CVE-2008-2556

cvelist1 prion1 nvd1