Lucene search
HistoryAug 29, 2008 - 4:41 p.m.
CVE-2008-3861
cve
2008
3861
sql injection
phpmyrealty
pmr
pages.php
search.php
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
37.7%
Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in pages.php and (2) the price_max parameter in search.php.
Affected configurations
Node
phpmyrealtyphpmyrealtyRange≤1.0.9
ORphpmyrealtyphpmyrealtyMatch1.0
ORphpmyrealtyphpmyrealtyMatch1.0.1
ORphpmyrealtyphpmyrealtyMatch1.0.2
ORphpmyrealtyphpmyrealtyMatch1.0.3
ORphpmyrealtyphpmyrealtyMatch1.0.4
ORphpmyrealtyphpmyrealtyMatch1.0.5
ORphpmyrealtyphpmyrealtyMatch1.0.6
ORphpmyrealtyphpmyrealtyMatch1.0.7
ORphpmyrealtyphpmyrealtyMatch1.0.8
Related
openvas
openvas
phpMyRealty 1.0.7 - 1.0.9 Multiple SQLi Vulnerabilities - Active Check
2009-03-22 00:00:00
phpMyRealty Multiple SQL Injection Vulnerabilities
2009-03-22 00:00:00
prion
prion
Sql injection
2008-08-29 16:41:00
nvd
nvd
CVE-2008-3861
2008-08-29 16:41:00
cvelist
cvelist
CVE-2008-3861
2008-08-29 16:22:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
37.7%
Related for CVE-2008-3861