Vulnerability Details CVE-2008-1968
Multiple SQL injection vulnerabilities in Cezanne 7 allow remote authenticated users to execute arbitrary SQL commands via the FUNID parameter to (1) CFLookup.asp and (2) CznCommon/CznCustomContainer.asp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.1%
CVSS Severity
CVSS v2 Score 6.0
References
- http://securityreason.com/securityalert/3830
- http://www.s21sec.com/avisos/s21sec-43-en.txt
- http://www.securityfocus.com/archive/1/490843/100/0/threaded
- http://www.securityfocus.com/bid/28773
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41816
- http://securityreason.com/securityalert/3830
- http://www.s21sec.com/avisos/s21sec-43-en.txt
- http://www.securityfocus.com/archive/1/490843/100/0/threaded
- http://www.securityfocus.com/bid/28773
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41816