Lucene search

[email protected]NVD:CVE-2008-6934

HistoryAug 11, 2009 - 9:00 p.m.

CVE-2008-6934

2009-08-1121:00:00

CWE-94

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.113 Low

EPSS

Percentile

95.2%

JSON

Static code injection vulnerability in Sanus|artificium (aka Sanusart) Free simple guestbook PHP script, when downloaded before 20081111, allows remote attackers to inject arbitrary PHP code into messages.txt via the message parameter to act.php, which is executed when guestbook/guestbook.php is accessed. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

sansuartfree_simple_guestbook_php_script

References

osvdb.org/49703

secunia.com/advisories/32643

www.sanusart.com/news.php

www.securityfocus.com/bid/32240

www.vupen.com/english/advisories/2008/3095

exchange.xforce.ibmcloud.com/vulnerabilities/46526

www.exploit-db.com/exploits/7079

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.113 Low

EPSS

Percentile

95.2%

JSON

Related for NVD:CVE-2008-6934

cve1 prion1 cvelist1