Lucene search
MitreCVE-2008-4175HistorySep 23, 2008 - 3:25 p.m.
CVE-2008-4175
2008-09-2315:25:42
CWE-89
mitre
web.nvd.nist.gov
27
cve-2008-4175
sql injection
link bid script 1.5
remote execution
security vulnerability
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.005
Percentile
76.7%
Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php.
Affected configurations
Node
linkbidscriptlinkbidscriptMatch1.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linkbidscript | linkbidscript | 1.5 | cpe:2.3:a:linkbidscript:linkbidscript:1.5:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2008-09-23 15:25:00
cvelist
cvelist
CVE-2008-4175
2008-09-23 15:00:00
exploitdb
exploitdb
Link Bid Script 1.5 - Multiple SQL Injections
2008-09-15 00:00:00
nvd
nvd
CVE-2008-4175
2008-09-23 15:25:42
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.005
Percentile
76.7%
Related for CVE-2008-4175