Lucene search
MitreCVE-2008-6274HistoryFeb 25, 2009 - 11:30 p.m.
CVE-2008-6274
2009-02-2523:30:00
CWE-89
mitre
web.nvd.nist.gov
22
cve
sql injection
index.php
familyproject 2.0
remote attackers
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.001
Percentile
47.7%
Multiple SQL injection vulnerabilities in index.php in FamilyProject 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the logmbr parameter (aka login field) or (2) the mdpmbr parameter (aka pass or “Mot de passe” field). NOTE: some of these details are obtained from third party information.
Affected configurations
Node
mjcreationfamilyprojectMatch2.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mjcreation | familyproject | 2.0 | cpe:2.3:a:mjcreation:familyproject:2.0:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2009-02-25 23:30:00
exploitdb
exploitdb
Family Project 2.x - Authentication Bypass
2008-11-27 00:00:00
nvd
nvd
CVE-2008-6274
2009-02-25 23:30:00
cvelist
cvelist
CVE-2008-6274
2009-02-25 23:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.001
Percentile
47.7%
Related for CVE-2008-6274