CVE Vulnerability

CVE-2008-5652

SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information.

7.5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
http://secunia.com/advisories/32673 Vendor Advisory
http://osvdb.org/49701
http://www.securityfocus.com/bid/32199
http://securityreason.com/securityalert/4770
http://www.vupen.com/english/advisories/2008/3075
https://exchange.xforce.ibmcloud.com/vulnerabilities/46447
https://www.exploit-db.com/exploits/7045
Configurations

Configuration 1

cpe:2.3:a:myiosoft:easybookmarker:4.0:*:*:*:*:*:*:*
Information

Published : 2008-12-17 06:30

Updated : 2017-09-29 01:32

NVD link : CVE-2008-5652

Mitre link : CVE-2008-5652

Products Affected
No products.
CWE
CWE-89