CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-6180

SQL injection vulnerability in system/nlb_user.class.php in NewLife Blogger 3.0 and earlier, and possibly 3.3.1, allows remote attackers to execute arbitrary SQL commands via the nlb3 cookie.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 75.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/32214
http://www.pepelux.org/exploits/newlife-es.txt
http://www.securityfocus.com/archive/1/497283/100/0/threaded
http://www.securityfocus.com/bid/31728
http://www.vupen.com/english/advisories/2008/2797
https://exchange.xforce.ibmcloud.com/vulnerabilities/45820
https://exchange.xforce.ibmcloud.com/vulnerabilities/45821
https://www.exploit-db.com/exploits/6739
http://secunia.com/advisories/32214
http://www.pepelux.org/exploits/newlife-es.txt
http://www.securityfocus.com/archive/1/497283/100/0/threaded
http://www.securityfocus.com/bid/31728
http://www.vupen.com/english/advisories/2008/2797
https://exchange.xforce.ibmcloud.com/vulnerabilities/45820
https://exchange.xforce.ibmcloud.com/vulnerabilities/45821
https://www.exploit-db.com/exploits/6739

Products affected by CVE-2008-6180

Newlife Blogger » Newlife Blogger » Version: Any

cpe:2.3:a:newlife_blogger:newlife_blogger:*
Newlife Blogger » Newlife Blogger » Version: 3.3.1

cpe:2.3:a:newlife_blogger:newlife_blogger:3.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-6180

Products

Pricing

Contact Us