Lucene search

[email protected]NVD:CVE-2008-5652

HistoryDec 17, 2008 - 6:30 p.m.

CVE-2008-5652

2008-12-1718:30:01

CWE-89

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

0.004

Percentile

73.2%

JSON

SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd

Node

myiosofteasybookmarkerMatch4.0

VendorProductVersionCPE
myiosofteasybookmarker4.0cpe:2.3:a:myiosoft:easybookmarker:4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
myiosoft	easybookmarker	4.0	cpe:2.3:a:myiosoft:easybookmarker:4.0:::::::*

References

osvdb.org/49701

secunia.com/advisories/32673

securityreason.com/securityalert/4770

www.securityfocus.com/bid/32199

www.vupen.com/english/advisories/2008/3075

exchange.xforce.ibmcloud.com/vulnerabilities/46447

www.exploit-db.com/exploits/7045

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

0.004

Percentile

73.2%

JSON

Related for NVD:CVE-2008-5652

prion1 cvelist1 cve1 exploitdb1