exploitDog

CVE-2008-5631

Опубликовано: 17 дек. 2008

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter. NOTE: some of these details are obtained from third party information.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:activewebsoftwares:active_ewebquiz:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00485

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-h5v7-7qm3-r9v2

github

больше 3 лет назад

SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter. NOTE: some of these details are obtained from third party information.

EPSS

Процентиль: 65%

0.00485

Низкий

7.5 High

CVSS2

Дефекты

CWE-89