CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-2012

SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the eid parameter in an event action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/28931
https://exchange.xforce.ibmcloud.com/vulnerabilities/42010
https://www.exploit-db.com/exploits/5495
http://www.securityfocus.com/bid/28931
https://exchange.xforce.ibmcloud.com/vulnerabilities/42010
https://www.exploit-db.com/exploits/5495

Products affected by CVE-2008-2012

Postnuke Software Foundation » Postschedule » Version: 1.0

cpe:2.3:a:postnuke_software_foundation:postschedule:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-2012

Products

Pricing

Contact Us