Lucene search

[email protected]NVD:CVE-2008-5573

HistoryDec 15, 2008 - 6:00 p.m.

CVE-2008-5573

2008-12-1518:00:00

CWE-89

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.011

Percentile

85.0%

JSON

SQL injection vulnerability in the login feature in Poll Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) Password and (2) username parameters.

Affected configurations

Nvd

Node

adcompletepoll_proMatch2.0

VendorProductVersionCPE
adcompletepoll_pro2.0cpe:2.3:a:adcomplete:poll_pro:2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adcomplete	poll_pro	2.0	cpe:2.3:a:adcomplete:poll_pro:2.0:::::::*

References

osvdb.org/50576

secunia.com/advisories/33044

securityreason.com/securityalert/4741

www.securityfocus.com/bid/32707

exchange.xforce.ibmcloud.com/vulnerabilities/47169

www.exploit-db.com/exploits/7391

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.011

Percentile

85.0%

JSON

Related for NVD:CVE-2008-5573

cve1 prion1 cvelist1 exploitdb1