CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-1726

Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kqid parameter to (a) articletext.php and (b) articletextonly.php and the (2) username parameter to (c) logincheck.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.022

EPSS Ranking 83.9%

CVSS Severity

CVSS v2 Score 6.8

References

http://secunia.com/advisories/29716
http://www.osvdb.org/44254
http://www.osvdb.org/44255
http://www.osvdb.org/44256
http://www.securityfocus.com/bid/28713
http://www.securityfocus.com/bid/28716
https://exchange.xforce.ibmcloud.com/vulnerabilities/41746
https://www.exploit-db.com/exploits/5421
http://secunia.com/advisories/29716
http://www.osvdb.org/44254
http://www.osvdb.org/44255
http://www.osvdb.org/44256
http://www.securityfocus.com/bid/28713
http://www.securityfocus.com/bid/28716
https://exchange.xforce.ibmcloud.com/vulnerabilities/41746
https://www.exploit-db.com/exploits/5421

Products affected by CVE-2008-1726

Myknowledgequest » Knowledgequest » Version: 2.6

cpe:2.3:a:myknowledgequest:knowledgequest:2.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-1726

Products

Pricing

Contact Us