CVE-2008-6366 in Affiliate Software Javainformazioni

Riassunto

di MITRE

SQL injection vulnerability in logon.jsp in Ad Server Solutions Affiliate Software Java 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, possibly related to the uname and pass parameters to logon_process.jsp. NOTE: some of these details are obtained from third party information.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

02/03/2009

Divulgazione

02/03/2009

Moderazione

accettato

Voce

VDB-46906

CPE

pronto

CWE

CWE-89 (confermato)

Sfruttamento

Scaricare

CVSS

7.5 (NVD)

EPSS

0.03354

KEV

Attività

molto basso

Settore

Transportation, Telecommunication

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-6366
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-6366
CVE Details	https://www.cvedetails.com/cve/CVE-2008-6366/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you know our Splunk app?

Download it now for free!