Lucene search

[email protected]CVE-2008-5785

HistoryDec 31, 2008 - 11:30 a.m.

CVE-2008-5785

2008-12-3111:30:00

CWE-89

[email protected]

web.nvd.nist.gov

cve

2008

5785

sql injection

v3 chat

profiles

dating script 3.0.2

nvd

vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

37.7%

JSON

SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.

Affected configurations

NVD

Node

v3chatv3_chat_profiles_dating_scriptMatch3.0.2

CPENameOperatorVersion
v3chat:v3_chat_profiles_dating_scriptv3chat v3 chat profiles dating scripteq3.0.2

CPE	Name	Operator	Version
v3chat:v3_chat_profiles_dating_script	v3chat v3 chat profiles dating script	eq	3.0.2

References

securityreason.com/securityalert/4846

www.securityfocus.com/bid/32214

www.vupen.com/english/advisories/2008/3071

exchange.xforce.ibmcloud.com/vulnerabilities/46478

www.exploit-db.com/exploits/7061

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

37.7%

JSON

Related for CVE-2008-5785

prion1 cvelist1 nvd1