Lucene search

[email protected]CVE-2008-5788

HistoryDec 31, 2008 - 11:30 a.m.

CVE-2008-5788

2008-12-3111:30:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-5788

sql injection

domain seller pro 1.5

remote attack

arbitrary commands

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.0%

JSON

SQL injection vulnerability in index.php in Domain Seller Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected configurations

NVD

Node

domainsellerprodomain_seller_proMatch1.5

CPENameOperatorVersion
domainsellerpro:domain_seller_prodomainsellerpro domain seller proeq1.5

CPE	Name	Operator	Version
domainsellerpro:domain_seller_pro	domainsellerpro domain seller pro	eq	1.5

References

secunia.com/advisories/32637

securityreason.com/securityalert/4833

www.securityfocus.com/bid/32201

www.vupen.com/english/advisories/2008/3076

exchange.xforce.ibmcloud.com/vulnerabilities/46475

www.exploit-db.com/exploits/7052

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.0%

JSON

Related for CVE-2008-5788

nvd1 cvelist1 prion1