CVE-2008-4169

Опубликовано: 22 сент. 2008

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote attackers to execute arbitrary SQL commands via the produid parameter.

Ссылки

http://secunia.com/advisories/31788
http://securityreason.com/securityalert/4286
http://www.securityfocus.com/bid/31202
https://exchange.xforce.ibmcloud.com/vulnerabilities/45160
https://www.exploit-db.com/exploits/6467
http://secunia.com/advisories/31788
http://securityreason.com/securityalert/4286
http://www.securityfocus.com/bid/31202
https://exchange.xforce.ibmcloud.com/vulnerabilities/45160
https://www.exploit-db.com/exploits/6467

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:iscripts:easyindex:*:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00421

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-g5cg-2mj2-5gf4

github

почти 4 года назад