Lucene search
HistoryFeb 19, 2009 - 6:30 p.m.
CVE-2008-6189
cve-2008-6189
sql injection
gforge
remote attackers
arbitrary commands
database-pgsql.php
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.4 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
42.0%
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to (1) new/index.php, (2) news/index.php, and (3) top/topusers.php, which is not properly handled in database-pgsql.php.
Affected configurations
Node
gforgegforgeMatch4.5.19
| CPE | Name | Operator | Version |
|---|---|---|---|
| gforge:gforge | gforge | eq | 4.5.19 |
Related
ubuntucve
ubuntucve
CVE-2008-6189
2009-02-19 00:00:00
prion
prion
Sql injection
2009-02-19 18:30:00
nvd
nvd
CVE-2008-6189
2009-02-19 18:30:00
openvas
openvas
Scripts For Sites EZ Hotscripts SQL Injection Vulnerability
2009-03-06 00:00:00
GForge Multiple SQLi Vulnerabilities (Mar 2009) - Active Check
2009-03-06 00:00:00
Scripts For Sites EZ Hotscripts SQLi Vulnerability (32031) - Active Check
2009-03-06 00:00:00
cvelist
cvelist
CVE-2008-6189
2009-02-19 18:00:00
nessus
nessus
GForge top/topusers.php offset Parameter SQL Injection
2008-10-14 00:00:00
seebug
seebug
GForge多个SQL注入漏洞
2009-02-20 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.4 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
42.0%
Related for CVE-2008-6189