CVE-2008-6366 in Affiliate Software Javainfo

Zusammenfassung

von MITRE

SQL injection vulnerability in logon.jsp in Ad Server Solutions Affiliate Software Java 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, possibly related to the uname and pass parameters to logon_process.jsp. NOTE: some of these details are obtained from third party information.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

02.03.2009

Veröffentlichung

02.03.2009

Moderieren

akzeptiert

Eintrag

VDB-46906

CPE

bereit

CWE

CWE-89 (bestätigt)

Exploit

Download

CVSS

7.5 (NVD)

EPSS

0.03354

KEV

nein

Aktivitäten

very low

Sektor

Telecommunication, Transportation

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-6366
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-6366
CVE Details	https://www.cvedetails.com/cve/CVE-2008-6366/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!