Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3347

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-3347
Last Modified 05 Aug 2011 12:00:00
Published 28 Jul 2008 12:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3347

Summary

SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to execute arbitrary SQL commands via the read parameter.

Vulnerable Systems

Application

  • Myiosoft Easydynamicpages 3.0


References

XF - easydynamicpages-read-sql-injection(43917)

VUPEN - ADV-2008-2162

BID - 30305

BUGTRAQ - 20080719 Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit )

SREASON - 4046

SECUNIA - 31189


Last Updated: 27 May 2016 10:48:10