CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2008-3366 – Pligg CMS 9.9.0 - 'story.php' SQL Injection
https://notcve.org/view.php?id=CVE-2008-3366
SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2008-1774. Vulnerabilidad de inyección SQL en story.php en Pligg CMS Beta 9.9.0, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "id". NOTA: esta puede solaparse con CVE-2008-1774. • https://www.exploit-db.com/exploits/6146 http://securityreason.com/securityalert/4063 http://www.vupen.com/english/advisories/2008/2214/references https://exchange.xforce.ibmcloud.com/vulnerabilities/44021 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2008-1774 – Pligg CMS 9.9.0 - 'editlink.php' SQL Injection
https://notcve.org/view.php?id=CVE-2008-1774
SQL injection vulnerability in editlink.php in Pligg 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. Vulnerabilidad de inyección SQL en editlink.php de Pligg 9.9.0, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id. • https://www.exploit-db.com/exploits/5406 http://www.securityfocus.com/bid/28681 http://www.vupen.com/english/advisories/2008/1164/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41709 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •