Appstate phpWebSite up to 0.9.3-4 links.php cid sql injection

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical was found in Appstate phpWebSite up to 0.9.3-4 (Content Management System). Affected by this vulnerability is an unknown code block of the file links.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field03/17/2015 04:11 PM10/30/2018 07:36 AM
typeContent Management SystemContent Management System
vendorAppstateAppstate
namephpWebSitephpWebSite
version0.7.3/0.8.2/0.8.3/0.9.3/0.9.3-1/0.9.3-2/0.9.3-3/0.9.3-40.7.3/0.8.2/0.8.3/0.9.3/0.9.3-1/0.9.3-2/0.9.3-3/0.9.3-4
filelinks.phplinks.php
argumentcidcid
cwe89 (sql injection)89 (sql injection)
risk22
cvss2_vuldb_basescore7.57.5
cvss2_vuldb_tempscore7.17.1
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_nvd_avNN
cvss2_nvd_acLL
cvss2_nvd_auNN
cvss2_nvd_ciPP
cvss2_nvd_iiPP
cvss2_nvd_aiPP
cvss3_meta_basescore7.37.3
cvss3_meta_tempscore7.17.1
cvss3_vuldb_basescore7.37.3
cvss3_vuldb_tempscore7.17.1
date1235520000 (02/25/2009)1235520000 (02/25/2009)
urlhttp://www.securityfocus.com/archive/1/archive/1/497960/100/0/threadedhttp://www.securityfocus.com/archive/1/archive/1/497960/100/0/threaded
price_0day$0-$5k$0-$5k
cveCVE-2008-6266CVE-2008-6266
cve_assigned12354336001235433600
cve_nvd_published12355200001235520000
cve_nvd_summarySQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.
securityfocus3201132011
securityfocus_date1225411200 (10/31/2008)1225411200 (10/31/2008)
securityfocus_classInput Validation ErrorInput Validation Error
securityfocus_titlephpWebSite 'links.php' SQL Injection VulnerabilityphpWebSite 'links.php' SQL Injection Vulnerability
xforce4629846298
xforce_titlephpWebSite links.php SQL injectionphpWebSite links.php SQL injection
xforce_identifierphpwebsite-links-sql-injectionphpwebsite-links-sql-injection
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiNN
locationWebsiteWebsite
cvss2_vuldb_eHH
cvss2_vuldb_rlUU
cvss2_vuldb_rcURUR
cvss3_vuldb_eHH
cvss3_vuldb_rlUU
cvss3_vuldb_rcRR
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
person_nameBeenu Arora

Might our Artificial Intelligence support you?

Check our Alexa App!