Lucene search
HistoryOct 07, 2008 - 12:31 a.m.
CVE-2008-4457
cve-2008-4457
sql injection
memht portal 3.9.0
security vulnerability
nvd
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.3%
SQL injection vulnerability in inc/inc_statistics.php in MemHT Portal 3.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a stats_res cookie to index.php.
Affected configurations
Node
memhtmemht_portalRange≤3.9.0
ORmemhtmemht_portalMatch1.0final
ORmemhtmemht_portalMatch1.5full
ORmemhtmemht_portalMatch1.5update
ORmemhtmemht_portalMatch2.0full
ORmemhtmemht_portalMatch2.0update
ORmemhtmemht_portalMatch2.5full
ORmemhtmemht_portalMatch2.5update
ORmemhtmemht_portalMatch2.9full
ORmemhtmemht_portalMatch2.9update
ORmemhtmemht_portalMatch3.0full
ORmemhtmemht_portalMatch3.0update
ORmemhtmemht_portalMatch3.1full
ORmemhtmemht_portalMatch3.1update
ORmemhtmemht_portalMatch3.2update
ORmemhtmemht_portalMatch3.3full
ORmemhtmemht_portalMatch3.3update
ORmemhtmemht_portalMatch3.4full
ORmemhtmemht_portalMatch3.4update
ORmemhtmemht_portalMatch3.4.5full
ORmemhtmemht_portalMatch3.4.5update
ORmemhtmemht_portalMatch3.5.0full
ORmemhtmemht_portalMatch3.6.0
ORmemhtmemht_portalMatch3.6.5
ORmemhtmemht_portalMatch3.7.0
ORmemhtmemht_portalMatch3.7.5
ORmemhtmemht_portalMatch3.8.0
ORmemhtmemht_portalMatch3.8.1
ORmemhtmemht_portalMatch3.8.5
Related
prion
prion
Sql injection
2008-10-07 00:31:00
cvelist
cvelist
CVE-2008-4457
2008-10-07 00:00:00
nvd
nvd
CVE-2008-4457
2008-10-07 00:31:08
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.3%
Related for CVE-2008-4457