Lucene search

[email protected]CVE-2008-5574

HistoryDec 15, 2008 - 6:00 p.m.

CVE-2008-5574

2008-12-1518:00:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-5574

sql injection

member.php

webmaster marketplace

remote attackers

nvd

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.9%

JSON

SQL injection vulnerability in member.php in Webmaster Marketplace allows remote attackers to execute arbitrary SQL commands via the u parameter.

Affected configurations

NVD

Node

unscriptswebmaster_marketplaceMatch_nil_

CPENameOperatorVersion
unscripts:webmaster_marketplaceunscripts webmaster marketplaceeqnil

CPE	Name	Operator	Version
unscripts:webmaster_marketplace	unscripts webmaster marketplace	eq	nil

References

osvdb.org/50655

secunia.com/advisories/33096

securityreason.com/securityalert/4747

www.securityfocus.com/bid/32756

exchange.xforce.ibmcloud.com/vulnerabilities/47210

www.exploit-db.com/exploits/7407

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.9%

JSON

Related for CVE-2008-5574

nvd1 cvelist1 prion1