exploitDog

CVE-2008-6104

Опубликовано: 10 фев. 2009

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in A4Desk PHP Event Calendar allows remote attackers to execute arbitrary SQL commands via the eventid parameter to admin/index.php.

Ссылки

http://packetstorm.linuxsecurity.com/0810-exploits/a4desk-sqldisclose.txt
Exploit
http://secunia.com/advisories/32083
Vendor Advisory
http://www.securityfocus.com/bid/33835
http://packetstorm.linuxsecurity.com/0810-exploits/a4desk-sqldisclose.txt
Exploit
http://secunia.com/advisories/32083
Vendor Advisory
http://www.securityfocus.com/bid/33835

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:a4desk:a4desk_flash_event_calendar:*:*:*:*:*:*:*:*

EPSS

Процентиль: 36%

0.00149

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-9p67-ppmf-hcm8

github

больше 3 лет назад

SQL injection vulnerability in A4Desk PHP Event Calendar allows remote attackers to execute arbitrary SQL commands via the eventid parameter to admin/index.php.

EPSS

Процентиль: 36%

0.00149

Низкий

7.5 High

CVSS2

Дефекты

CWE-89