Lucene search

[email protected]CVE-2008-6033

HistoryFeb 03, 2009 - 11:30 a.m.

CVE-2008-6033

2009-02-0311:30:00

CWE-89

[email protected]

web.nvd.nist.gov

cve

2008

6033

sql injection

vulnerability

comments.php

wsn links 2.20

remote attackers

arbitrary sql commands

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

30.1%

JSON

SQL injection vulnerability in comments.php in WSN Links 2.20 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected configurations

NVD

Node

wsn_linkswsn_linksMatch2.20

CPENameOperatorVersion
wsn_links:wsn_linkswsn linkseq2.20

CPE	Name	Operator	Version
wsn_links:wsn_links	wsn links	eq	2.20

References

www.securityfocus.com/bid/31302

www.exploit-db.com/exploits/6525

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

30.1%

JSON

Related for CVE-2008-6033

prion1 cvelist1 nvd1