Lucene search
HistorySep 28, 2015 - 2:59 a.m.
CVE-2015-6009
cve-2015-6009
sql injection
web reference database
refbase
remote attackers
arbitrary sql commands
nvd
8.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
46.8%
Multiple SQL injection vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 allow remote attackers to execute arbitrary SQL commands via (1) the where parameter to rss.php or (2) the sqlQuery parameter to search.php, a different issue than CVE-2015-7382.
Affected configurations
Node
refbaserefbaseRange≤0.9.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| refbase:refbase | refbase | le | 0.9.6 |
Related
cve
cve
CVE-2015-7382
2015-09-28 02:59:15
nvd
nvd
CVE-2015-6009
2015-09-28 02:59:05
CVE-2015-7382
2015-09-28 02:59:15
prion
prion
Sql injection
2015-09-28 02:59:00
Sql injection
2015-09-28 02:59:00
cvelist
cvelist
CVE-2015-6009
2015-09-28 01:00:00
CVE-2015-7382
2015-09-28 01:00:00
exploitpack
exploitpack
refbase 0.9.6 - Multiple Vulnerabilities
2015-09-23 00:00:00
zdt
zdt
refbase <= 0.9.6 - Multiple Vulnerabilities
2015-09-23 00:00:00
exploitdb
exploitdb
refbase 0.9.6 - Multiple Vulnerabilities
2015-09-23 00:00:00
openvas
openvas
Web Reference Database Multiple Vulnerabilities
2015-10-05 00:00:00
cert
cert
Web Reference Database (refbase) contains multiple vulnerabilities
2015-09-21 00:00:00
8.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
46.8%
Related for CVE-2015-6009