CVE-2008-6328

Опубликовано: 27 фев. 2009

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in view.php in Butterfly Organizer 2.0.0 and 2.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Ссылки

http://secunia.com/advisories/33086
Vendor Advisory
http://www.securityfocus.com/bid/29700
https://www.exploit-db.com/exploits/5797
https://www.exploit-db.com/exploits/7411
http://secunia.com/advisories/33086
Vendor Advisory
http://www.securityfocus.com/bid/29700
https://www.exploit-db.com/exploits/5797
https://www.exploit-db.com/exploits/7411

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:butterflymedia:butterfly_organizer:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:butterflymedia:butterfly_organizer:2.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00469

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-7pg9-gwfp-fcx2

github

больше 3 лет назад