Lucene search
HistoryAug 11, 2008 - 11:41 p.m.
CVE-2008-3588
cve-2008-3588
phsblog
sql injection
remote attackers
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.4 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
39.8%
Multiple SQL injection vulnerabilities in phsBlog 0.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to comments.php, (2) cid parameter to index.php, and the (3) urltitle parameter to entries.php.
Affected configurations
Node
phsblogphsblogMatch0.1.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| phsblog:phsblog | phsblog | eq | 0.1.1 |
Related
nvd
nvd
CVE-2008-3588
2008-08-11 23:41:00
CVE-2008-4072
2008-09-15 15:14:05
cvelist
cvelist
CVE-2008-3588
2008-08-11 23:00:00
CVE-2008-4072
2008-09-15 15:00:00
prion
prion
Sql injection
2008-08-11 23:41:00
Sql injection
2008-09-15 15:14:00
cve
cve
CVE-2008-4072
2008-09-15 15:14:05
seebug
seebug
Oracle 2008年10月紧急补丁更新修复多个漏洞
2008-10-20 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.4 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
39.8%
Related for CVE-2008-3588