Lucene search

K
cve[email protected]CVE-2008-6031
HistoryFeb 03, 2009 - 11:30 a.m.

CVE-2008-6031

2009-02-0311:30:00
CWE-89
web.nvd.nist.gov
19
cve-2008-6031
sql injection
wsn links
vote.php
remote code execution

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

30.1%

SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable.

Affected configurations

NVD
Node
wsn_linkswsn_linksMatch2.22
OR
wsn_linkswsn_linksMatch2.23

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

30.1%

Related for CVE-2008-6031