CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-2995

Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to execute arbitrary SQL commands via (1) the annuaire parameter to annuaire.php or (2) the username field in admin/login.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.6%

CVSS Severity

CVSS v2 Score 7.5

References

http://securityreason.com/securityalert/3969
http://www.securityfocus.com/archive/1/493273/100/0/threaded
http://www.securityfocus.com/bid/29659
http://securityreason.com/securityalert/3969
http://www.securityfocus.com/archive/1/493273/100/0/threaded
http://www.securityfocus.com/bid/29659

Products affected by CVE-2008-2995

Phpeasydata » Phpeasydata » Version: 1.5.4

cpe:2.3:a:phpeasydata:phpeasydata:1.5.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-2995

Products

Pricing

Contact Us