Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3588

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-3588
Last Modified 18 Mar 2009 01:40:47
Published 11 Aug 2008 07:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3588

Summary

Multiple SQL injection vulnerabilities in phsBlog 0.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to comments.php, (2) cid parameter to index.php, and the (3) urltitle parameter to entries.php.

Vulnerable Systems

Application

  • Phsblog 0.1.1


References

XF - phsblog-multiple-sql-injection(44163)

MILW0RM - 6190

SREASON - 4135


Last Updated: 27 May 2016 10:48:14