Lucene search
MitreCVE-2008-2860HistoryJun 25, 2008 - 12:36 p.m.
CVE-2008-2860
2008-06-2512:36:00
CWE-89
mitre
web.nvd.nist.gov
21
cve
2008
2860
sql injection
ajsquare
aj auction pro
web 2.0
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.4
Confidence
Low
EPSS
0.001
Percentile
27.8%
SQL injection vulnerability in category.php in AJSquare AJ Auction Pro web 2.0 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter.
Affected configurations
Node
aj_squareaj_auctionMatchweb_2.0pro
| Vendor | Product | Version | CPE |
|---|---|---|---|
| aj_square | aj_auction | web_2.0 | cpe:2.3:a:aj_square:aj_auction:web_2.0:*:pro:*:*:*:*:* |
Related
prion
prion
Sql injection
2008-06-25 12:36:00
exploitdb
exploitdb
AJ Auction Web 2.0 - 'cate_id' SQL Injection
2008-06-19 00:00:00
nvd
nvd
CVE-2008-2860
2008-06-25 12:36:00
cvelist
cvelist
CVE-2008-2860
2008-06-25 10:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.4
Confidence
Low
EPSS
0.001
Percentile
27.8%
Related for CVE-2008-2860