Lucene search
HistoryMar 24, 2008 - 11:44 p.m.
CVE-2008-1486
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.8%
SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search.
Affected configurations
Node
phorumphorumRange≤5.2.5
ORphorumphorumMatch5.0.0_alpha
ORphorumphorumMatch5.0.1_alpha
ORphorumphorumMatch5.0.2_alpha
ORphorumphorumMatch5.0.3_beta
ORphorumphorumMatch5.0.4_beta
ORphorumphorumMatch5.0.4a_beta
ORphorumphorumMatch5.0.5_beta
ORphorumphorumMatch5.0.6_beta
ORphorumphorumMatch5.0.7_beta
ORphorumphorumMatch5.0.7a_beta
ORphorumphorumMatch5.0.8_rc
ORphorumphorumMatch5.0.9
ORphorumphorumMatch5.0.10
ORphorumphorumMatch5.0.11
ORphorumphorumMatch5.0.12
ORphorumphorumMatch5.0.13
ORphorumphorumMatch5.0.13a
ORphorumphorumMatch5.0.14
ORphorumphorumMatch5.0.14a
ORphorumphorumMatch5.0.15
ORphorumphorumMatch5.0.15a
ORphorumphorumMatch5.0.16
ORphorumphorumMatch5.0.17
ORphorumphorumMatch5.0.17a
ORphorumphorumMatch5.0.18
ORphorumphorumMatch5.0.19
ORphorumphorumMatch5.0.20
ORphorumphorumMatch5.1.13
ORphorumphorumMatch5.1.14
ORphorumphorumMatch5.1.17
ORphorumphorumMatch5.1.18
ORphorumphorumMatch5.1.20
ORphorumphorumMatch5.1.21
ORphorumphorumMatch5.1.25
ORphorumphorumMatch5.2
ORphorumphorumMatch5.2.1
ORphorumphorumMatch5.2.2beta
ORphorumphorumMatch5.2.3rc1
ORphorumphorumMatch5.2.4rc2
Related
prion
prion
Sql injection
2008-03-24 23:44:00
cve
cve
CVE-2008-1486
2008-03-24 23:44:00
cvelist
cvelist
CVE-2008-1486
2008-03-24 23:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.8%
Related for NVD:CVE-2008-1486