CVE

Id
34576  
CVE No.
CVE-2008-4459  
Status
Candidate  
Description
SQL injection vulnerability in pick_users.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the uname_search parameter. NOTE: some of these details are obtained from third party information.  
Phase
Assigned (20081006)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
378729 34576 CVE-2008-4459 MISC:http://www.digitrustgroup.com/advisories/web-application-security-thyme.html  View
378730 34576 CVE-2008-4459 BID:31063  View
378731 34576 CVE-2008-4459 URL:http://www.securityfocus.com/bid/31063  View
378732 34576 CVE-2008-4459 SECUNIA:31782  View
378733 34576 CVE-2008-4459 URL:http://secunia.com/advisories/31782  View
378734 34576 CVE-2008-4459 XF:thyme-pickusers-sql-injection(44970)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
50971 JVNDB-2008-006281 Vastal I-Tech Jobs Zone の view_news.php における SQL インジェクションの脆弱性 Vastal I-Tech Jobs Zone の view_news.php には、SQL インジェクションの脆弱性が存在します。 CVE-2008-4463 34576 7.5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-006281.html  View