CVE-2008-6119

EPSS 1.74%
Veröffentlicht 11.02.2009 17:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote attackers to inject arbitrary PHP code into admin/userandpass.php via the (1) username and (2) password parameters.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Goople Cms ≫ Goople Cms Version1.7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.74%	0.822

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/32819

Vendor Advisory

http://www.securityfocus.com/bid/33848

https://exchange.xforce.ibmcloud.com/vulnerabilities/46800

https://nvd.nist.gov/vuln/detail/CVE-2008-6119

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-6119

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-6119

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2008-6119