Lucene search
HistorySep 15, 2008 - 5:12 p.m.
CVE-2008-4090
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.008
Percentile
81.8%
SQL injection vulnerability in index.php in PHP Coupon Script 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an addtocart action, a different vector than CVE-2007-2672.
Affected configurations
Node
couponscriptcoupon_scriptMatch4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| couponscript | coupon_script | 4.0 | cpe:2.3:a:couponscript:coupon_script:4.0:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2008-09-15 17:12:00
Sql injection
2007-05-14 23:19:00
cvelist
cvelist
CVE-2008-4090
2008-09-15 16:00:00
CVE-2007-2672
2007-05-14 23:00:00
cve
cve
CVE-2008-4090
2008-09-15 17:12:51
CVE-2007-2672
2007-05-14 23:19:00
exploitdb
exploitdb
PHP Coupon Script 3.0 - 'bus' SQL Injection
2007-05-03 00:00:00
Coupon Script 4.0 - 'id' SQL Injection
2008-09-02 00:00:00
nvd
nvd
CVE-2007-2672
2007-05-14 23:19:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.008
Percentile
81.8%
Related for NVD:CVE-2008-4090