Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2455

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2455
Last Modified 02 Apr 2009 01:34:47
Published 27 May 2008 10:32:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2455

Summary

SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the rid parameter.

Vulnerable Systems

Application

  • E107coders E107 Blog Engine 2.2


References

XF - blogengine-comment-sql-injection(42386)

BID - 29181

MILW0RM - 5604

SECUNIA - 30212


Last Updated: 27 May 2016 10:47:52