Lucene search

K
cve[email protected]CVE-2008-5055
HistoryNov 13, 2008 - 11:30 a.m.

CVE-2008-5055

2008-11-1311:30:01
CWE-89
web.nvd.nist.gov
27
sql injection
activecampaign
triolive
department_offline_context.php
remote code execution

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

73.2%

SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to execute arbitrary SQL commands via the department_id parameter to index.php.

Affected configurations

NVD
Node
activecampaigntrioliveRange1.58.6
OR
activecampaigntrioliveMatch1.0
OR
activecampaigntrioliveMatch1.03
OR
activecampaigntrioliveMatch1.04
OR
activecampaigntrioliveMatch1.05
OR
activecampaigntrioliveMatch1.06
OR
activecampaigntrioliveMatch1.07
OR
activecampaigntrioliveMatch1.08
OR
activecampaigntrioliveMatch1.09
OR
activecampaigntrioliveMatch1.10
OR
activecampaigntrioliveMatch1.11
OR
activecampaigntrioliveMatch1.12
OR
activecampaigntrioliveMatch1.13
OR
activecampaigntrioliveMatch1.14
OR
activecampaigntrioliveMatch1.15
OR
activecampaigntrioliveMatch1.16
OR
activecampaigntrioliveMatch1.17
OR
activecampaigntrioliveMatch1.18
OR
activecampaigntrioliveMatch1.19
OR
activecampaigntrioliveMatch1.20
OR
activecampaigntrioliveMatch1.21
OR
activecampaigntrioliveMatch1.22
OR
activecampaigntrioliveMatch1.23
OR
activecampaigntrioliveMatch1.24
OR
activecampaigntrioliveMatch1.25
OR
activecampaigntrioliveMatch1.26
OR
activecampaigntrioliveMatch1.27
OR
activecampaigntrioliveMatch1.28
OR
activecampaigntrioliveMatch1.29
OR
activecampaigntrioliveMatch1.30
OR
activecampaigntrioliveMatch1.31
OR
activecampaigntrioliveMatch1.32
OR
activecampaigntrioliveMatch1.33
OR
activecampaigntrioliveMatch1.34
OR
activecampaigntrioliveMatch1.35
OR
activecampaigntrioliveMatch1.36
OR
activecampaigntrioliveMatch1.37
OR
activecampaigntrioliveMatch1.39
OR
activecampaigntrioliveMatch1.40
OR
activecampaigntrioliveMatch1.41
OR
activecampaigntrioliveMatch1.42
OR
activecampaigntrioliveMatch1.50.1
OR
activecampaigntrioliveMatch1.50.2
OR
activecampaigntrioliveMatch1.50.3
OR
activecampaigntrioliveMatch1.50.4
OR
activecampaigntrioliveMatch1.50.5
OR
activecampaigntrioliveMatch1.50.6
OR
activecampaigntrioliveMatch1.55.0
OR
activecampaigntrioliveMatch1.55.1
OR
activecampaigntrioliveMatch1.55.2
OR
activecampaigntrioliveMatch1.56.1
OR
activecampaigntrioliveMatch1.56.2
OR
activecampaigntrioliveMatch1.56.3
OR
activecampaigntrioliveMatch1.56.4
OR
activecampaigntrioliveMatch1.56.5
OR
activecampaigntrioliveMatch1.57
OR
activecampaigntrioliveMatch1.58.0
OR
activecampaigntrioliveMatch1.58.1
OR
activecampaigntrioliveMatch1.58.2
OR
activecampaigntrioliveMatch1.58.3
OR
activecampaigntrioliveMatch1.58.4
OR
activecampaigntrioliveMatch1.58.5
OR
activecampaigntrioliveMatchunknownbeta2
OR
activecampaigntrioliveMatchunknownbeta3
OR
activecampaigntrioliveMatchunknownbeta5

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

73.2%

Related for CVE-2008-5055