nvd-json-data-feeds/CVE-2009/CVE-2009-33xx/CVE-2009-3313.json

{
  "id": "CVE-2009-3313",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2009-09-23T12:08:35.233",
  "lastModified": "2017-09-19T01:29:33.343",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to (1) index.php and (2) editComments.php, and (3) allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action to edit.php."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en FMyClone v2.3, permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"comp\" a (1) index.php y (2) editComments.php, y (3) permite a administradores autenticados ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"id\" en una acci\u00f3n \"comment\" a edit.php."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:fmyclone:fmyclone:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1527AFC-08E0-4205-8C8E-00E5789A1D5B"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.exploit-db.com/exploits/9711",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53329",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53330",
      "source": "cve@mitre.org"
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2009-3313",`
			`"sourceIdentifier": "cve@mitre.org",`
			`"published": "2009-09-23T12:08:35.233",`
			`"lastModified": "2017-09-19T01:29:33.343",`
			`"vulnStatus": "Modified",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to (1) index.php and (2) editComments.php, and (3) allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action to edit.php."`
			`},`
			`{`
			`"lang": "es",`
			`"value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en FMyClone v2.3, permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"comp\" a (1) index.php y (2) editComments.php, y (3) permite a administradores autenticados ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"id\" en una acci\u00f3n \"comment\" a edit.php."`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV2": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "2.0",`
			`"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",`
			`"accessVector": "NETWORK",`
			`"accessComplexity": "LOW",`
			`"authentication": "SINGLE",`
			`"confidentialityImpact": "PARTIAL",`
			`"integrityImpact": "PARTIAL",`
			`"availabilityImpact": "PARTIAL",`
			`"baseScore": 6.5`
			`},`
			`"baseSeverity": "MEDIUM",`
			`"exploitabilityScore": 8.0,`
			`"impactScore": 6.4,`
			`"acInsufInfo": false,`
			`"obtainAllPrivilege": false,`
			`"obtainUserPrivilege": false,`
			`"obtainOtherPrivilege": false,`
			`"userInteractionRequired": false`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-89"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:fmyclone:fmyclone:2.3:::::::*",`
			`"matchCriteriaId": "B1527AFC-08E0-4205-8C8E-00E5789A1D5B"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "http://www.exploit-db.com/exploits/9711",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53329",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53330",`
			`"source": "cve@mitre.org"`
			`}`
			`]`
			`}`