CVE-2008-6230
published 2009-02-20CVE-2008-6230: SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.00%
58.6th percentile
SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8v35-xqgj-f637: SQL injection vulnerability in Tour
ghsa_unreviewed·2022-05-17
CVE-2008-6230 [HIGH] CWE-89 GHSA-8v35-xqgj-f637: SQL injection vulnerability in Tour
SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
Red Hat
bind: localnets ACL bypass caused by WinSock API bug
vendor_redhat·2013-11-06·CVSS 6.8
CVE-2013-6230 [MEDIUM] bind: localnets ACL bypass caused by WinSock API bug
bind: localnets ACL bypass caused by WinSock API bug
The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ISC BIND 9.6-ESV before 9.6-ESV-R10-P1, 9.8 before 9.8.6-P1, 9.9 before 9.9.4-P1, 9.9.3-S1, 9.9.4-S1, and other products, does not properly support the SIO_GET_INTERFACE_LIST command for netmask 255.255.255.255, which allows remote attackers to bypass intended IP address restrictions by leveraging misinterpretation of this netmask as a 0.0.0.0 netmask.
Statement: Not vulnerable. This flaw only affected BIND on Microsoft Windows platforms with a flawed WinSock call. This vulnerability does not affect BIND on Linux or Unix platforms.
Package: bind (Red Hat Enterprise Linux 5) - Not affected
Package: bind97 (Red Hat Enterprise Linux 5) - Not affected
Package: bind (R
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/32563http://www.securityfocus.com/bid/32124http://www.vupen.com/english/advisories/2008/3016https://exchange.xforce.ibmcloud.com/vulnerabilities/46386https://www.exploit-db.com/exploits/6997http://secunia.com/advisories/32563http://www.securityfocus.com/bid/32124http://www.vupen.com/english/advisories/2008/3016https://exchange.xforce.ibmcloud.com/vulnerabilities/46386https://www.exploit-db.com/exploits/6997
2009-02-20
Published