Lucene search
HistoryJul 16, 2008 - 6:41 p.m.
CVE-2008-3191
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.001
Percentile
50.0%
Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Email, (4) Icq, (5) msn, or (6) Yahoo Messenger field in an edit_profile action.
Affected configurations
Node
marcioforummforumMatch0.1a
| Vendor | Product | Version | CPE |
|---|---|---|---|
| marcioforum | mforum | 0.1a | cpe:2.3:a:marcioforum:mforum:0.1a:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-3191
2008-07-16 18:00:00
exploitdb
exploitdb
MFORUM 0.1a - Arbitrary Add Admin
2008-07-13 00:00:00
cve
cve
CVE-2008-3191
2008-07-16 18:41:00
prion
prion
Sql injection
2008-07-16 18:41:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.001
Percentile
50.0%
Related for NVD:CVE-2008-3191