CVE-2008-6250
published 2009-02-23CVE-2008-6250: SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a…
PriorityP340medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
1.08%
61.0th percentile
SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| comdev | comdev_web_blogger | <= 4.1.3 | — |
| comdev | comdev_web_blogger | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://e-rdc.org/v1/news.php?readmore=102http://secunia.com/advisories/31100http://www.securityfocus.com/archive/1/494412/100/0/threadedhttp://www.securityfocus.com/bid/30237https://exchange.xforce.ibmcloud.com/vulnerabilities/43776https://www.exploit-db.com/exploits/6079http://e-rdc.org/v1/news.php?readmore=102http://secunia.com/advisories/31100http://www.securityfocus.com/archive/1/494412/100/0/threadedhttp://www.securityfocus.com/bid/30237https://exchange.xforce.ibmcloud.com/vulnerabilities/43776https://www.exploit-db.com/exploits/6079
2009-02-23
Published