Lucene search

[email protected]CVE-2008-5928

HistoryJan 21, 2009 - 6:30 p.m.

CVE-2008-5928

2009-01-2118:30:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-5928

sql injection

redir.php

free links directory script

flds 1.2a

remote attackers

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.5%

JSON

SQL injection vulnerability in redir.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected configurations

NVD

Node

flds-scriptfldsMatch1.2a

CPENameOperatorVersion
flds-script:fldsflds-script fldseq1.2a

CPE	Name	Operator	Version
flds-script:flds	flds-script flds	eq	1.2a

References

secunia.com/advisories/33075

securityreason.com/securityalert/4929

www.securityfocus.com/bid/32813

exchange.xforce.ibmcloud.com/vulnerabilities/48185

www.exploit-db.com/exploits/7453

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.5%

JSON

Related for CVE-2008-5928

prion1 cvelist1 nvd1