Lucene search
HistoryAug 08, 2008 - 7:41 p.m.
CVE-2008-3554
cve-2008-3554
sql injection
discuz! 6.0.1
security vulnerability
nvd
remote code execution
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.6%
SQL injection vulnerability in index.php in Discuz! 6.0.1 allows remote attackers to execute arbitrary SQL commands via the searchid parameter in a search action.
Affected configurations
Node
comsenzdiscuzMatch6.0.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| comsenz:discuz | comsenz discuz | eq | 6.0.1 |
Related
cvelist
cvelist
CVE-2008-3554
2008-08-08 19:00:00
nvd
nvd
CVE-2008-3554
2008-08-08 19:41:00
prion
prion
Sql injection
2008-08-08 19:41:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.6%
Related for CVE-2008-3554