NVD

Id
4192  
Name
CVE-2008-4364  
Description
SQL injection vulnerability in default.aspx in ParsaGostar ParsaWeb CMS allows remote attackers to execute arbitrary SQL commands via the (1) id parameter in the "page" page and (2) txtSearch parameter in the "Search" page.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2008-09-30  
Modified Date
2009-01-29  
Seq
2008-4364  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
26695 4192 CVE-2008-4364 4343  View
26696 4192 CVE-2008-4364 http://www.bugreport.ir/index_53.htm  View
26697 4192 CVE-2008-4364 6610  View
26698 4192 CVE-2008-4364 20080928 ParsaWeb CMS SQL Injection  View
26699 4192 CVE-2008-4364 31450  View
26700 4192 CVE-2008-4364 parsaweb-id-txtsearch-sql-injection(45494)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
49593 JVNDB-2008-004903 ParsaGostar ParsaWeb CMS の default.aspx における SQL インジェクションの脆弱性 ParsaGostar ParsaWeb CMS の default.aspx には、SQL インジェクションの脆弱性が存在します。 CVE-2008-4364 34477 CVE-2008-4364 4192 7.5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-004903.html 2008-09-30 2012-09-25 View