Vulnerability Details CVE-2008-1872
SQL injection vulnerability in home.news.php in Comdev News Publisher 4.1.2 allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter. NOTE: some of these details are obtained from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/29697
- http://www.securityfocus.com/bid/28622
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41663
- https://www.exploit-db.com/exploits/5362
- http://secunia.com/advisories/29697
- http://www.securityfocus.com/bid/28622
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41663
- https://www.exploit-db.com/exploits/5362
Products affected by CVE-2008-1872
-
cpe:2.3:a:comdev:comdev_news_publisher:4.1.2