CVE-2008-2791
published 2008-06-20CVE-2008-2791: SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL…
PriorityP338high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.97%
57.5th percentile
SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | httpd | — | — |
| kalptaru_infotech | comparison_engine_power_script | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_apache5.0HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9r8v-84h2-969g: SQL injection vulnerability in product
ghsa_unreviewed·2022-05-01
CVE-2008-2791 [HIGH] CWE-89 GHSA-9r8v-84h2-969g: SQL injection vulnerability in product
SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Apache
Apache httpd: CVE-2010-2791
vendor_apache·CVSS 5.0
CVE-2010-2791 [HIGH] Apache httpd: CVE-2010-2791
Apache httpd: CVE-2010-2791
An information disclosure flaw was found in mod_proxy_http in version 2.2.9 only, on Unix platforms. Under certain timeout conditions, the server could return a response intended for another user. Only those configurations which trigger the use of proxy worker pools are affected. There was no vulnerability on earlier versions, as proxy pools were not yet introduced. The simplest workaround is to globally configure: SetEnv proxy-nokeepalive 1 Reported to security team 2010-07-23 Issue public 2010-07-23 Update 2.2.10 released 2008-10-31 Affects 2.2.9
Severity: high
Affected versions: 2.2.9 o
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/30729http://www.securityfocus.com/bid/29768https://exchange.xforce.ibmcloud.com/vulnerabilities/43138https://www.exploit-db.com/exploits/5834http://secunia.com/advisories/30729http://www.securityfocus.com/bid/29768https://exchange.xforce.ibmcloud.com/vulnerabilities/43138https://www.exploit-db.com/exploits/5834
2008-06-20
Published