CVE-2008-4354

Опубликовано: 30 сент. 2008

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in the products module in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php.

Ссылки

http://secunia.com/advisories/31871
http://www.securityfocus.com/bid/31159
Exploit
http://www.vupen.com/english/advisories/2008/2561
https://exchange.xforce.ibmcloud.com/vulnerabilities/45110
https://www.exploit-db.com/exploits/6444
http://secunia.com/advisories/31871
http://www.securityfocus.com/bid/31159
Exploit
http://www.vupen.com/english/advisories/2008/2561
https://exchange.xforce.ibmcloud.com/vulnerabilities/45110
https://www.exploit-db.com/exploits/6444

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:net_art_media:iboutique:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00436

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-86c8-rrq8-65q9

github

почти 4 года назад