CVE-2008-0770
published 2008-02-14
CVE-2008-0770: SQL injection vulnerability in arcade.php in ibProArcade 3.3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the g_display_order…
Priority P341 · high · 7.5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 1.06% (60.2th percentile)
SQL injection vulnerability in arcade.php in ibProArcade 3.3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the g_display_order cookie parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibproarcade | ibproarcade | <= 3.3.0 | — |
CVSS provenance
nvd · v2.0 · 7.5 · HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat · 9.3 · CRITICAL
GHSA
GHSA-x47m-3p5m-6489: SQL injection vulnerability in arcade
ghsa_unreviewed·2022-05-01
CVE-2008-0770 [HIGH] CWE-89 GHSA-x47m-3p5m-6489: SQL injection vulnerability in arcade
Red Hat
CVE-2008-6070, CVE-2008-6071, CVE-2008-6072, CVE-2008-6621 multiple security issues in ImageMagick
vendor_redhat·2007-03-01·CVSS 9.3
CVE-2008-6070 [CRITICAL], CVE-2008-6071, CVE-2008-6072, CVE-2008-6621 multiple security issues in ImageMagick
Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information.
Statement: The costs associated with fixing these bugs are greater than the posed security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux at this time.
No detection rules found.
No writeups or analysis indexed.