exploitDog

CVE-2008-6776

Опубликовано: 01 мая 2009

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in viewcomments.php in Scripts For Sites (SFS) EZ Hot or Not allows remote attackers to execute arbitrary SQL commands via the phid parameter.

Ссылки

http://osvdb.org/49540
Exploit
http://secunia.com/advisories/32532
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/46278
https://www.exploit-db.com/exploits/6914
http://osvdb.org/49540
Exploit
http://secunia.com/advisories/32532
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/46278
https://www.exploit-db.com/exploits/6914

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:scripts-for-sites:ez_hot_or_not:*:*:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.00338

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-c255-7795-g7f8

github

больше 3 лет назад

SQL injection vulnerability in viewcomments.php in Scripts For Sites (SFS) EZ Hot or Not allows remote attackers to execute arbitrary SQL commands via the phid parameter.

EPSS

Процентиль: 56%

0.00338

Низкий

7.5 High

CVSS2

Дефекты

CWE-89