Lucene search

[email protected]CVE-2008-5813

HistoryJan 02, 2009 - 6:11 p.m.

CVE-2008-5813

2009-01-0218:11:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-5813

sql injection

spip

remote code execution

nvd

security vulnerability

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

82.0%

JSON

SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
spip:spipspipeq2.0.0
spip:spipspipeq1.8b3
spip:spipspipeq1.9.2
spip:spipspipeq1.9.2f
spip:spipspipeq1.8
spip:spipspipeq1.8.1
spip:spipspipeq1.9.1
spip:spipspipeq1.8.2b
spip:spipspipeq1.8b6
spip:spipspipeq1.8.2

CPE	Name	Operator	Version
spip:spip	spip	eq	2.0.0
spip:spip	spip	eq	1.8b3
spip:spip	spip	eq	1.9.2
spip:spip	spip	eq	1.9.2f
spip:spip	spip	eq	1.8
spip:spip	spip	eq	1.8.1
spip:spip	spip	eq	1.9.1
spip:spip	spip	eq	1.8.2b
spip:spip	spip	eq	1.8b6
spip:spip	spip	eq	1.8.2

Rows per page:

1-10 of 171

References

secunia.com/advisories/33307

www.securityfocus.com/bid/33021

www.securityfocus.com/bid/33061

www.spip-contrib.net/SPIP-1-8-3b-1-9-2g-2-2

exchange.xforce.ibmcloud.com/vulnerabilities/47626

exchange.xforce.ibmcloud.com/vulnerabilities/47695

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

82.0%

JSON

Related for CVE-2008-5813

prion1 ubuntucve1 debiancve1