CVE-2008-6487

Опубликовано: 18 мар. 2009

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields.

Ссылки

http://www.securityfocus.com/bid/32217
Exploit
http://www.vupen.com/english/advisories/2008/3068
https://exchange.xforce.ibmcloud.com/vulnerabilities/46500
https://www.exploit-db.com/exploits/7067
http://www.securityfocus.com/bid/32217
Exploit
http://www.vupen.com/english/advisories/2008/3068
https://exchange.xforce.ibmcloud.com/vulnerabilities/46500
https://www.exploit-db.com/exploits/7067

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:digiappz:digiaffiliate:*:*:*:*:*:*:*:*

Версия до 1.4 (включая)

EPSS

Процентиль: 52%

0.00288

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-qc6x-8546-cgv8

github

больше 3 лет назад