CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-3129

Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta 1 allow remote attackers to execute arbitrary SQL commands via the (1) foreign_key_value parameter in the news page and (2) webpage parameter in the webpage_multi_edit form.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.1%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/30014
https://exchange.xforce.ibmcloud.com/vulnerabilities/43468
https://www.exploit-db.com/exploits/5974
http://www.securityfocus.com/bid/30014
https://exchange.xforce.ibmcloud.com/vulnerabilities/43468
https://www.exploit-db.com/exploits/5974

Products affected by CVE-2008-3129

Catviz » Catviz » Version: 0.4_beta_1

cpe:2.3:a:catviz:catviz:0.4_beta_1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-3129

Products

Pricing

Contact Us