Lucene search

[email protected]CVE-2008-4613

HistoryOct 20, 2008 - 6:14 p.m.

CVE-2008-4613

2008-10-2018:14:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-4613

sql injection

forums.asp

portalapp 4.0

remote attackers

nvd

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

82.1%

JSON

SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.

CPENameOperatorVersion
portalapp:portalappportalappeq4.0

CPE	Name	Operator	Version
portalapp:portalapp	portalapp	eq	4.0

References

secunia.com/advisories/28337

securityreason.com/securityalert/4439

www.aspapp.com/content.asp?CatId=197&ContentType=Downloads

www.securityfocus.com/bid/27170

exchange.xforce.ibmcloud.com/vulnerabilities/39454

www.exploit-db.com/exploits/4848

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

82.1%

JSON

Related for CVE-2008-4613

nessus1 cvelist1 prion1