CVE-2008-5977
published 2009-01-27CVE-2008-5977: SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the adname parameter in…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.97%
57.3th percentile
SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the adname parameter in a Submit action.
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-23fp-xqj8-q68w: SQL injection vulnerability in siteadmin/forgot
ghsa_unreviewed·2022-05-17
CVE-2008-5977 [HIGH] CWE-89 GHSA-23fp-xqj8-q68w: SQL injection vulnerability in siteadmin/forgot
SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the adname parameter in a Submit action.
Red Hat
phpMyAdmin: XSS issue in pmd_pdf.php via db parameter with register_globals enabled
vendor_redhat·2008-10-27·CVSS 6.8
CVE-2008-4775 [MEDIUM] CWE-79 phpMyAdmin: XSS issue in pmd_pdf.php via db parameter with register_globals enabled
phpMyAdmin: XSS issue in pmd_pdf.php via db parameter with register_globals enabled
Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.
No detection rules found.
http://www.packetstormsecurity.org/0812-exploits/phpjobwebsite-cmsqlxss.txthttp://www.securityfocus.com/bid/32570https://exchange.xforce.ibmcloud.com/vulnerabilities/46998http://www.packetstormsecurity.org/0812-exploits/phpjobwebsite-cmsqlxss.txthttp://www.securityfocus.com/bid/32570https://exchange.xforce.ibmcloud.com/vulnerabilities/46998
2009-01-27
Published