Lucene search
HistoryMar 02, 2009 - 7:30 p.m.
CVE-2008-6383
cve-2008-6383
sql injection
speedtech
organization and resource manager
storm
drupal
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
8.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.7%
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors.
Affected configurations
Node
drupalstormMatch5.x-1.1
ORdrupalstormMatch5.x-1.2
ORdrupalstormMatch5.x-1.3
ORdrupalstormMatch5.x-1.4
ORdrupalstormMatch5.x-1.5
ORdrupalstormMatch5.x-1.6
ORdrupalstormMatch5.x-1.7
ORdrupalstormMatch5.x-1.8
ORdrupalstormMatch5.x-1.9
ORdrupalstormMatch5.x-1.10
ORdrupalstormMatch5.x-1.11
ORdrupalstormMatch5.x-1.12
ORdrupalstormMatch5.x-1.13
ORdrupalstormMatch5.x-1.x-dev
ORdrupalstormMatch6.x-1.0
ORdrupalstormMatch6.x-1.1
ORdrupalstormMatch6.x-1.2
ORdrupalstormMatch6.x-1.3
ORdrupalstormMatch6.x-1.4
ORdrupalstormMatch6.x-1.5
ORdrupalstormMatch6.x-1.6
ORdrupalstormMatch6.x-1.7
ORdrupalstormMatch6.x-1.8
ORdrupalstormMatch6.x-1.9
ORdrupalstormMatch6.x-1.10
ORdrupalstormMatch6.x-1.11
ORdrupalstormMatch6.x-1.12
ORdrupalstormMatch6.x-1.13
ORdrupalstormMatch6.x-1.14
ORdrupalstormMatch6.x-1.15
ORdrupalstormMatch6.x-1.16
ORdrupalstormMatch6.x-1.17
ORdrupalstormMatch6.x-1.x-dev
drupaldrupal
Related
nvd
nvd
CVE-2008-6383
2009-03-02 19:30:00
prion
prion
Sql injection
2009-03-02 19:30:00
cvelist
cvelist
CVE-2008-6383
2009-03-02 19:00:00
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
8.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.7%
Related for CVE-2008-6383