CVE-2008-5649

Опубликовано: 17 дек. 2008

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote attackers to execute arbitrary SQL commands via the username parameter.

Ссылки

http://secunia.com/advisories/32665
Vendor Advisory
http://securityreason.com/securityalert/4772
http://www.securityfocus.com/bid/32276
Exploit
http://www.vupen.com/english/advisories/2008/3140
https://exchange.xforce.ibmcloud.com/vulnerabilities/46588
https://www.exploit-db.com/exploits/7102
http://secunia.com/advisories/32665
Vendor Advisory
http://securityreason.com/securityalert/4772
http://www.securityfocus.com/bid/32276
Exploit
http://www.vupen.com/english/advisories/2008/3140
https://exchange.xforce.ibmcloud.com/vulnerabilities/46588
https://www.exploit-db.com/exploits/7102

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:alstrasoft:article_manager_pro:1.6:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01226

Низкий

10 Critical

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-h8m2-cv7q-fc22

github

больше 3 лет назад