mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-09-17 18:45:49 +00:00
119 lines
3.6 KiB
JSON
119 lines
3.6 KiB
JSON
{
|
|
"id": "CVE-2008-5841",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2009-01-05T16:30:04.233",
|
|
"lastModified": "2024-11-21T00:55:00.610",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the browse parameter to (1) previews.php and (2) reviews.php, and the (3) id parameter to index.php in a viewarticle action."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en iGaming v1.5 y anteriores, permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n mediante el par\u00e1metro browse en (1) previews.php y (2) reviews.php, y el par\u00e1metro id en index.php en una acci\u00f3n viewarticle."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"baseScore": 7.5,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": true,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-89"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:igamingcms:igaming_cms:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "1.5",
|
|
"matchCriteriaId": "B3DB55EC-1718-4ACE-A278-951A5EA6D48D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:igamingcms:igaming_cms:1.3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5E08D0C7-1C1C-4437-9184-4A96DCDB7111"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:igamingcms:igaming_cms:1.4.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A4B664E9-B0C7-4B26-A1F7-3AEE7A7FEB56"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://securityreason.com/securityalert/4867",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/31340",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45366",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.exploit-db.com/exploits/6540",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://securityreason.com/securityalert/4867",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/31340",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45366",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://www.exploit-db.com/exploits/6540",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |