Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2008-1591
HistoryMar 31, 2008 - 11:00 p.m.

CVE-2008-1591

2008-03-3123:00:00
mitre
www.cve.org
1

AI Score

8.4

Confidence

Low

EPSS

0.001

Percentile

29.9%

JSON

The pnVarPrepForStore function in PostNuke 0.764 and earlier skips input sanitization when magic_quotes_runtime is enabled, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via input associated with server variables, as demonstrated by the CLIENT_IP HTTP header (HTTP_CLIENT_IP variable).

Related

nvd 1
exploitdb 1
prion 1
cve 1
nvd
nvd
CVE-2008-1591
2008-03-31 23:44:00
exploitdb
exploitdb
PostNuke 0.764 - Blind SQL Injection
2008-03-21 00:00:00
prion
prion
Sql injection
2008-03-31 23:44:00
cve
cve
CVE-2008-1591
2008-03-31 23:44:00

AI Score

8.4

Confidence

Low

EPSS

0.001

Percentile

29.9%

JSON
Related for CVELIST:CVE-2008-1591
nvd1exploitdb1prion1cve1