Vulnerability Details CVE-2008-6250
SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.7%
CVSS Severity
CVSS v2 Score 6.8
References
- http://e-rdc.org/v1/news.php?readmore=102
- http://secunia.com/advisories/31100
- http://www.securityfocus.com/archive/1/494412/100/0/threaded
- http://www.securityfocus.com/bid/30237
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43776
- https://www.exploit-db.com/exploits/6079
- http://e-rdc.org/v1/news.php?readmore=102
- http://secunia.com/advisories/31100
- http://www.securityfocus.com/archive/1/494412/100/0/threaded
- http://www.securityfocus.com/bid/30237
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43776
- https://www.exploit-db.com/exploits/6079
Products affected by CVE-2008-6250
-
cpe:2.3:a:comdev:comdev_web_blogger:*
-
cpe:2.3:a:comdev:comdev_web_blogger:4.1