CVE

Id
31767  
CVE No.
CVE-2008-1650  
Status
Candidate  
Description
SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edp_Help_Internal_News action.  
Phase
Assigned (20080402)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
341520 31767 CVE-2008-1650 BUGTRAQ:20080401 EasyNews-40tr Multiple Remote Vulnerabilities (SQL Injection Exploit/XSS/LFI)  View
341521 31767 CVE-2008-1650 URL:http://www.securityfocus.com/archive/1/archive/1/490338/100/0/threaded  View
341522 31767 CVE-2008-1650 MILW0RM:5333  View
341523 31767 CVE-2008-1650 URL:http://www.milw0rm.com/exploits/5333  View
341524 31767 CVE-2008-1650 BID:28542  View
341525 31767 CVE-2008-1650 URL:http://www.securityfocus.com/bid/28542  View
341526 31767 CVE-2008-1650 SECUNIA:29624  View
341527 31767 CVE-2008-1650 URL:http://secunia.com/advisories/29624  View
341528 31767 CVE-2008-1650 SREASON:3793  View
341529 31767 CVE-2008-1650 URL:http://securityreason.com/securityalert/3793  View
341530 31767 CVE-2008-1650 XF:easynews-index-sql-injection(41590)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
45975 JVNDB-2008-001285 ネットワーク機器において UPnP が有効になっている場合の問題 UPnP (Universal Plug and Play) に対応し、初期状態から UPnP 機能が有効になっている機器が複数のベンダから提供されています。 CVE-2008-1654 31767 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001285.html  View