Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2008-1911

Published: 22/04/2008 Updated: 29/09/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to 1024 Cms

Vulnerability Summary

SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via a cookpass cookie.

Vulnerable Product Search on Vulmon Subscribe to Product

1024 cms 1024 cms 1.4.2

Exploits

Exploit DB: 1024 CMS 1.4.2 - Local File Inclusion / Blind SQL Injection
# Author: __GiReX__ # mySite: girexaltervistaorg # Date: 13/04/2008 # CMS: 1024 CMS <= 141 and 142 (beta) # Site: 1024cmscom # Bug1: Local File Inclusion # Need: magic_quotes_gpc = Off / register_globals = On # Bug2: Cookie Blind SQL Injection # Exploit: Admin Hash Retrieve Exploit # Need: magic_quotes_gpc = Off # Bug1: Vul ...

References

CWE-89http://www.securityfocus.com/bid/28754http://secunia.com/advisories/29810https://exchange.xforce.ibmcloud.com/vulnerabilities/41785https://www.exploit-db.com/exploits/5434https://nvd.nist.govhttps://www.exploit-db.com/exploits/5434/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook