NVD

Id
2756  
Name
CVE-2008-2862  
Description
Multiple SQL injection vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to ansFAQ.asp and the (2) template_id parameter to preview.asp.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2008-06-25  
Modified Date
2009-04-14  
Seq
2008-2862  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
17529 2756 CVE-2008-2862 3957  View
17530 2756 CVE-2008-2862 http://www.bugreport.ir/?/45  View
17531 2756 CVE-2008-2862 5859  View
17532 2756 CVE-2008-2862 20080619 eLineStudio Site Composer (ESC) <=2.6 Multiple Vulnerabilities  View
17533 2756 CVE-2008-2862 29812  View
17534 2756 CVE-2008-2862 esc-ansfaq-preview-sql-injection(43190)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
47880 JVNDB-2008-003190 ESC における SQL インジェクションの脆弱性 eLineStudio Site Composer (ESC) には、SQL インジェクションの脆弱性が存在します。 CVE-2008-2862 32975 CVE-2008-2862 2756 7.5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003190.html 2008-06-25 2012-06-26 View