Vulnerability Details CVE-2008-5774
Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to (a) type.asp and (b) type2.asp and the (2) iPro parameter to (c) detail.asp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/33172
- http://www.securityfocus.com/bid/32812
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47319
- https://www.exploit-db.com/exploits/7462
- http://secunia.com/advisories/33172
- http://www.securityfocus.com/bid/32812
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47319
- https://www.exploit-db.com/exploits/7462
Products affected by CVE-2008-5774
-
cpe:2.3:a:aspsiteware:homebuilder:1.0
-
cpe:2.3:a:aspsiteware:homebuilder:2.0