CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-2685

SQL injection vulnerability in article.asp in Battle Blog 1.25 Build 4 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter, a different vector than CVE-2008-2626.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.1%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.davethewebguy.com/battleblog/article.asp?entry=24
http://www.vupen.com/english/advisories/2008/1737
https://exchange.xforce.ibmcloud.com/vulnerabilities/43018
http://www.davethewebguy.com/battleblog/article.asp?entry=24
http://www.vupen.com/english/advisories/2008/1737
https://exchange.xforce.ibmcloud.com/vulnerabilities/43018

Products affected by CVE-2008-2685

Battleblog » Battleblog » Version: Any

cpe:2.3:a:battleblog:battleblog:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-2685

Products

Pricing

Contact Us