Lucene search
HistoryMar 02, 2009 - 7:30 p.m.
CVE-2008-6381
sql injection
bcoos
addresses module
vulnerability
nvd
8.3 High
AI Score
Confidence
Low
4.6 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
90.0%
SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter.
Affected configurations
Node
bcoosbcoosRange≤1.0.13
ORbcoosbcoosMatch1.0.9
ORbcoosbcoosMatch1.0.10
ORbcoosbcoosMatch1.0.11
ORbcoosbcoosMatch1.0.12
| CPE | Name | Operator | Version |
|---|---|---|---|
| bcoos:bcoos | bcoos | le | 1.0.13 |
| bcoos:bcoos | bcoos | eq | 1.0.9 |
| bcoos:bcoos | bcoos | eq | 1.0.10 |
| bcoos:bcoos | bcoos | eq | 1.0.11 |
| bcoos:bcoos | bcoos | eq | 1.0.12 |
Related
cvelist
cvelist
CVE-2008-6381
2009-03-02 19:00:00
prion
prion
Sql injection
2009-03-02 19:30:00
nvd
nvd
CVE-2008-6381
2009-03-02 19:30:00
8.3 High
AI Score
Confidence
Low
4.6 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
90.0%
Related for CVE-2008-6381