CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-1549

Multiple SQL injection vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the (1) GrdBk parameter to GradebookOptions.asp and the (2) SchlCode variable to loginproc.asp, a different vector than CVE-2008-0942.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.5%

CVSS Severity

CVSS v2 Score 6.8

References

http://secunia.com/advisories/29533
http://securityreason.com/securityalert/3787
http://www.securityfocus.com/archive/1/490033/100/0/threaded
http://www.securityfocus.com/bid/28436
https://exchange.xforce.ibmcloud.com/vulnerabilities/41429
http://secunia.com/advisories/29533
http://securityreason.com/securityalert/3787
http://www.securityfocus.com/archive/1/490033/100/0/threaded
http://www.securityfocus.com/bid/28436
https://exchange.xforce.ibmcloud.com/vulnerabilities/41429

Products affected by CVE-2008-1549

Aeries » Aeries Student Information System » Version: 3.8.3.14

cpe:2.3:a:aeries:aeries_student_information_system:3.8.3.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-1549

Products

Pricing

Contact Us