Lucene search

[email protected]CVE-2008-3250

HistoryJul 21, 2008 - 5:41 p.m.

CVE-2008-3250

2008-07-2117:41:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-3250

sql injection

arctic issue tracker

index.php

remote attackers

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.1%

JSON

SQL injection vulnerability in index.php in Arctic Issue Tracker 2.0.0 allows remote attackers to execute arbitrary SQL commands via the filter parameter.

Affected configurations

NVD

Node

arctictrackerarctic_issue_trackerMatch2.0.0

CPENameOperatorVersion
arctictracker:arctic_issue_trackerarctictracker arctic issue trackereq2.0.0

CPE	Name	Operator	Version
arctictracker:arctic_issue_tracker	arctictracker arctic issue tracker	eq	2.0.0

References

secunia.com/advisories/31139

securityreason.com/securityalert/4017

www.securityfocus.com/bid/30277

exchange.xforce.ibmcloud.com/vulnerabilities/43872

www.exploit-db.com/exploits/6097

www.exploit-db.com/exploits/6113

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.1%

JSON

Related for CVE-2008-3250

prion2 cvelist2 nvd2 cve1