Lucene search
MitreCVE-2008-3256HistoryJul 22, 2008 - 4:41 p.m.
CVE-2008-3256
2008-07-2216:41:00
CWE-89
mitre
web.nvd.nist.gov
26
cve-2008-3256
sql injection
siteframe cms
vulnerability
remote execution
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.4
Confidence
Low
EPSS
0.001
Percentile
27.8%
SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and earlier, and Siteframe Beaumont 5.0.5 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter.
Affected configurations
Node
siteframesiteframe_beaumontRange≤5.0.5
ORsiteframesiteframe_beaumontMatch5.0.1
ORsiteframesiteframe_beaumontMatch5.0.1a
ORsiteframesiteframe_beaumontMatch5.0.2
ORsiteframesiteframe_cmsRange≤3.2.3
ORsiteframesiteframe_cmsMatch2.0.2
ORsiteframesiteframe_cmsMatch2.0.2\+0005
ORsiteframesiteframe_cmsMatch2.1\+0001
ORsiteframesiteframe_cmsMatch2.2.0
ORsiteframesiteframe_cmsMatch2.2.1
ORsiteframesiteframe_cmsMatch2.2.2
ORsiteframesiteframe_cmsMatch2.3
ORsiteframesiteframe_cmsMatch2.3.2
ORsiteframesiteframe_cmsMatch2.4
ORsiteframesiteframe_cmsMatch3.0.1
ORsiteframesiteframe_cmsMatch3.0.2
ORsiteframesiteframe_cmsMatch3.1.0
ORsiteframesiteframe_cmsMatch3.2.1
ORsiteframesiteframe_cmsMatch3.2.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| siteframe | siteframe_beaumont | * | cpe:2.3:a:siteframe:siteframe_beaumont:*:*:*:*:*:*:*:* |
| siteframe | siteframe_beaumont | 5.0.1 | cpe:2.3:a:siteframe:siteframe_beaumont:5.0.1:*:*:*:*:*:*:* |
| siteframe | siteframe_beaumont | 5.0.1a | cpe:2.3:a:siteframe:siteframe_beaumont:5.0.1a:*:*:*:*:*:*:* |
| siteframe | siteframe_beaumont | 5.0.2 | cpe:2.3:a:siteframe:siteframe_beaumont:5.0.2:*:*:*:*:*:*:* |
| siteframe | siteframe_cms | * | cpe:2.3:a:siteframe:siteframe_cms:*:*:*:*:*:*:*:* |
| siteframe | siteframe_cms | 2.0.2 | cpe:2.3:a:siteframe:siteframe_cms:2.0.2:*:*:*:*:*:*:* |
| siteframe | siteframe_cms | 2.0.2+0005 | cpe:2.3:a:siteframe:siteframe_cms:2.0.2\+0005:*:*:*:*:*:*:* |
| siteframe | siteframe_cms | 2.1+0001 | cpe:2.3:a:siteframe:siteframe_cms:2.1\+0001:*:*:*:*:*:*:* |
| siteframe | siteframe_cms | 2.2.0 | cpe:2.3:a:siteframe:siteframe_cms:2.2.0:*:*:*:*:*:*:* |
| siteframe | siteframe_cms | 2.2.1 | cpe:2.3:a:siteframe:siteframe_cms:2.2.1:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Siteframe CMS 3.2.3 - 'folder.php' SQL Injection
2008-07-18 00:00:00
nvd
nvd
CVE-2008-3256
2008-07-22 16:41:00
cvelist
cvelist
CVE-2008-3256
2008-07-22 16:00:00
prion
prion
Sql injection
2008-07-22 16:41:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.4
Confidence
Low
EPSS
0.001
Percentile
27.8%
Related for CVE-2008-3256