Lucene search

K
cve[email protected]CVE-2008-5634
HistoryDec 17, 2008 - 5:30 p.m.

CVE-2008-5634

2008-12-1717:30:00
CWE-89
web.nvd.nist.gov
24
cve-2008-5634
sql injection
active force matrix 2.0
security vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.6

Confidence

Low

EPSS

0.001

Percentile

49.8%

SQL injection vulnerability in account.asp in Active Force Matrix 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD
Node
activewebsoftwaresactive_force_matrixMatch2.0

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.6

Confidence

Low

EPSS

0.001

Percentile

49.8%

Related for CVE-2008-5634