Lucene search

[email protected]NVD:CVE-2008-5194

HistoryNov 21, 2008 - 5:30 p.m.

CVE-2008-5194

2008-11-2117:30:00

CWE-89

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.001

Percentile

47.9%

JSON

SQL injection vulnerability in checkavail.php in SoftVisions Software Online Booking Manager (obm) 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected configurations

Nvd

Node

softvisions_softwareonline_booking_managerMatch2.2

VendorProductVersionCPE
softvisions_softwareonline_booking_manager2.2cpe:2.3:a:softvisions_software:online_booking_manager:2.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
softvisions_software	online_booking_manager	2.2	cpe:2.3:a:softvisions_software:online_booking_manager:2.2:::::::*

References

secunia.com/advisories/30842

securityreason.com/securityalert/4622

www.securityfocus.com/bid/30004

www.vupen.com/english/advisories/2008/1976/references

exchange.xforce.ibmcloud.com/vulnerabilities/43448

www.exploit-db.com/exploits/5964

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.001

Percentile

47.9%

JSON

Related for NVD:CVE-2008-5194

cve1 cvelist1 exploitdb1 prion1