Lucene search

[email protected]CVE-2008-5774

HistoryDec 30, 2008 - 8:30 p.m.

CVE-2008-5774

2008-12-3020:30:01

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-5774

sql injection

aspsiteware homebuilder

remote attackers

nvd

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

41.2%

JSON

Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to (a) type.asp and (b) type2.asp and the (2) iPro parameter to © detail.asp.

Affected configurations

NVD

Node

aspsitewarehomebuilderMatch1.0

aspsitewarehomebuilderMatch2.0

CPENameOperatorVersion
aspsiteware:homebuilderaspsiteware homebuildereq1.0
aspsiteware:homebuilderaspsiteware homebuildereq2.0

CPE	Name	Operator	Version
aspsiteware:homebuilder	aspsiteware homebuilder	eq	1.0
aspsiteware:homebuilder	aspsiteware homebuilder	eq	2.0

References

secunia.com/advisories/33172

www.securityfocus.com/bid/32812

exchange.xforce.ibmcloud.com/vulnerabilities/47319

www.exploit-db.com/exploits/7462

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

41.2%

JSON

Related for CVE-2008-5774

cvelist1 nvd1 prion1