Vulnerability Details CVE-2008-6917
SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user parameter).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/27638
- http://www.securityfocus.com/bid/32220
- http://www.vupen.com/english/advisories/2008/3064
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46493
- https://www.exploit-db.com/exploits/7071
- http://secunia.com/advisories/27638
- http://www.securityfocus.com/bid/32220
- http://www.vupen.com/english/advisories/2008/3064
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46493
- https://www.exploit-db.com/exploits/7071
Products affected by CVE-2008-6917
-
cpe:2.3:a:exoscripts:exophpdesk:1.2