Lucene search
MitreCVE-2008-6326HistoryFeb 27, 2009 - 11:30 a.m.
CVE-2008-6326
2009-02-2711:30:00
CWE-89
mitre
web.nvd.nist.gov
28
cve-2008-6326
sql injection
login.php
simple customer
remote attackers
arbitrary commands
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.001
Percentile
49.8%
SQL injection vulnerability in login.php in Simple Customer as downloaded on 20081118 allows remote attackers to execute arbitrary SQL commands via the email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Affected configurations
Node
simplecustomersimple_customerMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| simplecustomer | simple_customer | - | cpe:2.3:a:simplecustomer:simple_customer:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-6326
2009-02-27 11:00:00
nvd
nvd
CVE-2008-6326
2009-02-27 11:30:00
prion
prion
Sql injection
2009-02-27 11:30:00
exploitdb
exploitdb
Simple Customer 1.2 - Authentication Bypass
2008-11-17 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.001
Percentile
49.8%
Related for CVE-2008-6326