Vulnerability Details CVE-2008-4175
Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.3%
CVSS Severity
CVSS v2 Score 6.5
References
- http://secunia.com/advisories/31853
- http://securityreason.com/securityalert/4299
- http://www.securityfocus.com/bid/31191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45153
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45155
- https://www.exploit-db.com/exploits/6466
- http://secunia.com/advisories/31853
- http://securityreason.com/securityalert/4299
- http://www.securityfocus.com/bid/31191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45153
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45155
- https://www.exploit-db.com/exploits/6466
Products affected by CVE-2008-4175
-
cpe:2.3:a:linkbidscript:linkbidscript:1.5