Lucene search
HistoryJul 25, 2008 - 4:41 p.m.
CVE-2008-3307
cve-2008-3307
sql injection
todos.php
c. desseno youtube blog
remote attack
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.2 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
65.1%
SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306.
Affected configurations
Node
youtube_blogyoutube_blogMatch0.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| youtube_blog:youtube_blog | youtube blog | eq | 0.1 |
Related
prion
prion
Sql injection
2008-07-25 16:41:00
Sql injection
2008-07-25 16:41:00
cvelist
cvelist
CVE-2008-3306
2008-07-25 16:00:00
CVE-2008-3307
2008-07-25 16:00:00
nvd
nvd
CVE-2008-3306
2008-07-25 16:41:00
CVE-2008-3307
2008-07-25 16:41:00
cve
cve
CVE-2008-3306
2008-07-25 16:41:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.2 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
65.1%
Related for CVE-2008-3307