Lucene search

[email protected]CVE-2008-0363

HistoryJan 18, 2008 - 10:00 p.m.

CVE-2008-0363

2008-01-1822:00:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2008-0363

sql injection

clever copy

security vulnerabilities

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.7%

JSON

Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to postcomment.php and the (2) album parameter to gallery.php.

Affected configurations

NVD

Node

clever_copyclever_copyRange≤3.0

CPENameOperatorVersion
clever_copy:clever_copyclever copyle3.0

CPE	Name	Operator	Version
clever_copy:clever_copy	clever copy	le	3.0

References

secunia.com/advisories/28560

securityreason.com/securityalert/3553

www.securityfocus.com/archive/1/486492/100/0/threaded

www.securityfocus.com/bid/27335

exchange.xforce.ibmcloud.com/vulnerabilities/39746

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.7%

JSON

Related for CVE-2008-0363

cvelist2 nvd2 prion2 cve1