Lucene search
HistoryAug 21, 2008 - 5:41 p.m.
CVE-2008-3762
security
sql injection
vulnerability
turnkey php live helper 2.0.1
nvd
input sanitization
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.5 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.1%
SQL injection vulnerability in onlinestatus_html.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the dep parameter, related to lack of input sanitization in the get function in global.php.
Affected configurations
Node
turnkeywebtoolsphp_live_helperRange≤2.0.1
ORturnkeywebtoolsphp_live_helperMatch2.0
ORturnkeywebtoolsphp_live_helperMatch2.0beta_1
ORturnkeywebtoolsphp_live_helperMatch2.0beta_2
ORturnkeywebtoolsphp_live_helperMatch2.0beta_3
ORturnkeywebtoolsphp_live_helperMatch2.0beta_4
ORturnkeywebtoolsphp_live_helperMatch2.0beta_5
ORturnkeywebtoolsphp_live_helperMatch2.0beta_6
Related
cvelist
cvelist
CVE-2008-3762
2008-08-21 17:00:00
prion
prion
Sql injection
2008-08-21 17:41:00
nvd
nvd
CVE-2008-3762
2008-08-21 17:41:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.5 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.1%
Related for CVE-2008-3762