Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3388

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-3388
Last Modified 29 Jan 2009 01:53:16
Published 30 Jul 2008 02:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3388

Summary

Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote attackers to execute arbitrary SQL commands via the article parameter to (1) comaddok.php and (2) comlook.php.

Vulnerable Systems

Application

  • Easy-script Def Blog 1.0.3


References

XF - defblog-comaddok-comlook-sql-injection(43909)

BID - 30289

BUGTRAQ - 20080718 Def_Blog 1.0.3 Multiple Remote SQL Injection Vulnerabilities

SREASON - 4079

SECUNIA - 31174


Last Updated: 27 May 2016 10:48:10