CVE

Id
32790  
CVE No.
CVE-2008-2673  
Status
Candidate  
Description
SQL injection vulnerability in index.php in Powie pNews 2.08 and 2.10, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the shownews parameter.  
Phase
Assigned (20080611)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
354975 32790 CVE-2008-2673 MILW0RM:5768  View
354976 32790 CVE-2008-2673 URL:http://www.milw0rm.com/exploits/5768  View
354977 32790 CVE-2008-2673 BID:29617  View
354978 32790 CVE-2008-2673 URL:http://www.securityfocus.com/bid/29617  View
354979 32790 CVE-2008-2673 SECUNIA:30577  View
354980 32790 CVE-2008-2673 URL:http://secunia.com/advisories/30577  View
354981 32790 CVE-2008-2673 XF:pnews-shownews-sql-injection(42951)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
50571 JVNDB-2008-005881 Telephone Directory 2008 の edit1.php におけるクロスサイトスクリプティングの脆弱性 Telephone Directory 2008 の edit1.php には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-2677 32790 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-005881.html  View