Lucene search

[email protected]CVE-2008-2999

HistoryJul 03, 2008 - 6:41 p.m.

CVE-2008-2999

2008-07-0318:41:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-2999

sql injection

aggregation module

drupal

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.1%

JSON

Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

NVD

Node

drupalaggregation_moduleMatch3.0

drupalaggregation_moduleMatch3.1

drupalaggregation_moduleMatch3.2

drupalaggregation_moduleMatch4.0

drupalaggregation_moduleMatch4.1

drupalaggregation_moduleMatch4.2

drupalaggregation_moduleMatch4.3

drupaldrupalMatch5.0

drupaldrupalMatch5.1

drupaldrupalMatch5.1_rev1.1

drupaldrupalMatch5.2

drupaldrupalMatch5.3

drupaldrupalMatch5.4

drupaldrupalMatch5.5.

drupaldrupalMatch5.7

CPENameOperatorVersion
drupal:aggregation_moduledrupal aggregation moduleeq3.0
drupal:aggregation_moduledrupal aggregation moduleeq3.1
drupal:aggregation_moduledrupal aggregation moduleeq3.2
drupal:aggregation_moduledrupal aggregation moduleeq4.0
drupal:aggregation_moduledrupal aggregation moduleeq4.1
drupal:aggregation_moduledrupal aggregation moduleeq4.2
drupal:aggregation_moduledrupal aggregation moduleeq4.3
drupal:drupaldrupaleq5.0
drupal:drupaldrupaleq5.1
drupal:drupaldrupaleq5.1_rev1.1

CPE	Name	Operator	Version
drupal:aggregation_module	drupal aggregation module	eq	3.0
drupal:aggregation_module	drupal aggregation module	eq	3.1
drupal:aggregation_module	drupal aggregation module	eq	3.2
drupal:aggregation_module	drupal aggregation module	eq	4.0
drupal:aggregation_module	drupal aggregation module	eq	4.1
drupal:aggregation_module	drupal aggregation module	eq	4.2
drupal:aggregation_module	drupal aggregation module	eq	4.3
drupal:drupal	drupal	eq	5.0
drupal:drupal	drupal	eq	5.1
drupal:drupal	drupal	eq	5.1_rev1.1

Rows per page:

1-10 of 151

References

drupal.org/node/269479

secunia.com/advisories/30618

www.securityfocus.com/bid/29677

exchange.xforce.ibmcloud.com/vulnerabilities/43010

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.1%

JSON

Related for CVE-2008-2999

cvelist1 nvd1 prion1