Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2012

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2012
Last Modified 05 Sep 2008 12:00:00
Published 29 Apr 2008 08:10:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2012

Summary

SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the eid parameter in an event action.

Vulnerable Systems

Application

  • Postnuke Software Foundation Postschedule 1.0


References

XF - postschedule-index-sql-injection(42010)

BID - 28931

MILW0RM - 5495


Last Updated: 27 May 2016 10:47:44