Lucene search

[email protected]CVE-2008-6266

HistoryFeb 25, 2009 - 11:30 a.m.

CVE-2008-6266

2009-02-2511:30:00

CWE-89

[email protected]

web.nvd.nist.gov

cve

2008

6266

sql injection

links.php

phpwebsite

vulnerability

nvd

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

27.6%

JSON

SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.

CPENameOperatorVersion
appstate:phpwebsiteappstate phpwebsiteeq0.7.3
appstate:phpwebsiteappstate phpwebsiteeq0.9.3
appstate:phpwebsiteappstate phpwebsiteeq0.9.3-3
appstate:phpwebsiteappstate phpwebsiteeq0.9.3-4
appstate:phpwebsiteappstate phpwebsiteeq0.8.3
appstate:phpwebsiteappstate phpwebsiteeq0.8.2
appstate:phpwebsiteappstate phpwebsiteeq0.9.3-2
appstate:phpwebsiteappstate phpwebsiteeq0.9.3-1

CPE	Name	Operator	Version
appstate:phpwebsite	appstate phpwebsite	eq	0.7.3
appstate:phpwebsite	appstate phpwebsite	eq	0.9.3
appstate:phpwebsite	appstate phpwebsite	eq	0.9.3-3
appstate:phpwebsite	appstate phpwebsite	eq	0.9.3-4
appstate:phpwebsite	appstate phpwebsite	eq	0.8.3
appstate:phpwebsite	appstate phpwebsite	eq	0.8.2
appstate:phpwebsite	appstate phpwebsite	eq	0.9.3-2
appstate:phpwebsite	appstate phpwebsite	eq	0.9.3-1

References

www.securityfocus.com/archive/1/497960/100/0/threaded

www.securityfocus.com/bid/32011

exchange.xforce.ibmcloud.com/vulnerabilities/46298

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

27.6%

JSON

Related for CVE-2008-6266

cvelist1 prion1