Lucene search
HistoryJul 02, 2009 - 10:30 a.m.
CVE-2009-2311
sql injection
rgallery plugin
woltlab burning board
wbb3
cve-2009-2311
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.6 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.5%
SQL injection vulnerability in the rGallery plugin 1.2.3 for WoltLab Burning Board (WBB3) allows remote attackers to execute arbitrary SQL commands via the userID parameter in the RGalleryUserGallery page to index.php, a different vector than CVE-2008-4627.
Affected configurations
Node
selbstzweckrgallery_pluginMatch1.2.3
woltlabburning_board
| CPE | Name | Operator | Version |
|---|---|---|---|
| selbstzweck:rgallery_plugin | selbstzweck rgallery plugin | eq | 1.2.3 |
Related
prion
prion
Sql injection
2009-07-02 10:30:00
Sql injection
2008-10-21 01:18:00
cvelist
cvelist
CVE-2009-2311
2009-07-02 10:00:00
CVE-2008-4627
2008-10-21 00:00:00
nvd
nvd
CVE-2009-2311
2009-07-02 10:30:00
CVE-2008-4627
2008-10-21 01:18:02
cve
cve
CVE-2008-4627
2008-10-21 01:18:02
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.6 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.5%
Related for CVE-2009-2311