Lucene search
HistoryJul 30, 2008 - 5:41 p.m.
CVE-2008-3366
cve-2008-3366
sql injection
pligg cms
beta 9.9.0
remote attack
arbitrary sql commands
8.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
43.5%
SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2008-1774.
Affected configurations
Node
pliggpligg_cmsMatch9.9.0
ORpliggpligg_cmsMatch9.9.0beta
| CPE | Name | Operator | Version |
|---|---|---|---|
| pligg:pligg_cms | pligg pligg cms | eq | 9.9.0 |
Related
cvelist
cvelist
CVE-2008-3366
2008-07-30 17:00:00
CVE-2008-1774
2008-04-14 15:00:00
nvd
nvd
CVE-2008-3366
2008-07-30 17:41:00
CVE-2008-1774
2008-04-14 16:05:00
prion
prion
Sql injection
2008-07-30 17:41:00
Sql injection
2008-04-14 16:05:00
cve
cve
CVE-2008-1774
2008-04-14 16:05:00
8.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
43.5%
Related for CVE-2008-3366