CVE-2008-1626

Опубликовано: 02 апр. 2008

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in eggBlog before 4.0.1 allows remote attackers to execute arbitrary SQL commands via an unspecified cookie. NOTE: this might overlap CVE-2008-0159.

Ссылки

http://eggblog.net/news.php?id=39
Patch
http://secunia.com/advisories/29583
Vendor Advisory
http://sourceforge.net/project/showfiles.php?group_id=155425&package_id=173141&release_id=587701
Patch
http://www.securityfocus.com/bid/28497
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/41512
http://eggblog.net/news.php?id=39
Patch
http://secunia.com/advisories/29583
Vendor Advisory
http://sourceforge.net/project/showfiles.php?group_id=155425&package_id=173141&release_id=587701
Patch
http://www.securityfocus.com/bid/28497
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/41512

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:eggblog:eggblog:*:*:*:*:*:*:*:*

Версия до 4.0 (включая)

EPSS

Процентиль: 61%

0.0041

Низкий

7.5 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-qx8h-8hpp-f9f9

github

почти 4 года назад