Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2008-2087

Published: 06/05/2008 Updated: 11/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Softbiz

Vulnerability Summary

SQL injection vulnerability in search_result.php in Softbiz Web Host Directory Script, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the host_id parameter, a different vector than CVE-2005-3817.

Vulnerable Product Search on Vulmon Subscribe to Product

softbiz web hosting directory script

Exploits

Exploit DB: Softbiz Web Host Directory Script - 'host_id' SQL Injection
____________________ ___ ___ ________ \_ _____/\_ ___ \ / | \\_____ \ | __)_ / \ \// ~ \/ | \ | \\ \___\ Y / | \ /_______ / \______ /\___|_ /\_______ / \/ \/ \/ \/ ORID ECHO_ADV_89$2008 ----------------------------- ...

References

CWE-89http://advisories.echo.or.id/adv/adv89-K-159-2008.txthttp://www.securityfocus.com/bid/28971http://secunia.com/advisories/29983http://securityreason.com/securityalert/3855https://exchange.xforce.ibmcloud.com/vulnerabilities/42096https://www.exploit-db.com/exploits/5517http://www.securityfocus.com/archive/1/491396/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/5517/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook