CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-5631

SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter. NOTE: some of these details are obtained from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/32927
https://exchange.xforce.ibmcloud.com/vulnerabilities/46910
https://www.exploit-db.com/exploits/7279
http://secunia.com/advisories/32927
https://exchange.xforce.ibmcloud.com/vulnerabilities/46910
https://www.exploit-db.com/exploits/7279

Products affected by CVE-2008-5631

Activewebsoftwares » Active Ewebquiz » Version: 8.0

cpe:2.3:a:activewebsoftwares:active_ewebquiz:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-5631

Products

Pricing

Contact Us