Vulnerability Details CVE-2008-6266
SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/archive/1/497960/100/0/threaded
- http://www.securityfocus.com/bid/32011
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46298
- http://www.securityfocus.com/archive/1/497960/100/0/threaded
- http://www.securityfocus.com/bid/32011
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46298
Products affected by CVE-2008-6266
-
cpe:2.3:a:appstate:phpwebsite:0.7.3
-
cpe:2.3:a:appstate:phpwebsite:0.8.2
-
cpe:2.3:a:appstate:phpwebsite:0.8.3
-
cpe:2.3:a:appstate:phpwebsite:0.9.3
-
cpe:2.3:a:appstate:phpwebsite:0.9.3-1
-
cpe:2.3:a:appstate:phpwebsite:0.9.3-2
-
cpe:2.3:a:appstate:phpwebsite:0.9.3-3
-
cpe:2.3:a:appstate:phpwebsite:0.9.3-4