Lucene search

[email protected]CVE-2008-5123

HistoryNov 18, 2008 - 12:30 a.m.

CVE-2008-5123

2008-11-1800:30:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-5123

sql injection

admin.php

ccleague pro 1.2

remote code execution

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.0%

JSON

SQL injection vulnerability in admin.php in CCleague Pro 1.2 allows remote attackers to execute arbitrary SQL commands via the u parameter.

Affected configurations

NVD

Node

castillocentralccleagueMatch1.2pro

CPENameOperatorVersion
castillocentral:ccleaguecastillocentral ccleagueeq1.2

CPE	Name	Operator	Version
castillocentral:ccleague	castillocentral ccleague	eq	1.2

References

secunia.com/advisories/30796

securityreason.com/securityalert/4604

www.securityfocus.com/bid/29876

exchange.xforce.ibmcloud.com/vulnerabilities/43280

www.exploit-db.com/exploits/5888

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.0%

JSON

Related for CVE-2008-5123

cvelist1 prion1 nvd1