CVE-2008-4355
Published 2008-09-30
CVE-2008-4355: SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary…
Priority P341 · high · 7.5 · CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS 1.04% (59.7th percentile)
SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| powie | pforum | — | — |
CVSS provenance
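| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vendor_redhat | — | 5.0 | MEDIUM | — |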
GHSA
GHSA-mx4m-93xq-9pw4: SQL injection vulnerability in showprofil
ghsa_unreviewed · 2022-05-02
CVE-2008-4355 [HIGH] CWE-89 GHSA-mx4m-93xq-9pw4: SQL injection vulnerability in showprofil
SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Red Hat
openssl significant memory leak in certain SSLv3 requests (DoS)
vendor_redhat · 2010-01-13 · CVSS 5.0
CVE-2009-4355 [MEDIUM] CWE-401 openssl significant memory leak in certain SSLv3 requests (DoS)
Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/31872
http://www.securityfocus.com/bid/31150
http://www.vupen.com/english/advisories/2008/2559
https://exchange.xforce.ibmcloud.com/vulnerabilities/45079
https://www.exploit-db.com/exploits/6442
Published: 2008-09-30