CVE-2008-3845
Published Aug 27, 2008
Last updated 6 years ago
Overview
- Description
- Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-89
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5FB9AC4-B63B-44C6-8772-458C23D19D8C",
"versionEndIncluding": "2.14.6"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BBE656C4-BF6A-42BD-8303-EC73817F7A6F"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66D60B2A-4DAB-4C2B-B2DB-26FF04716FEE"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC075169-3A70-4123-8D3C-A26E5344A648"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40852B54-1F4F-48BA-94BA-A92DF520A0B8"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "97EEE612-EC04-4DB5-B82C-EE2E53F5036F"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "321CAE6E-7697-4990-8132-5A4C02C8D41D"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4AD1E1F-8632-4255-9E24-C06B845C52DE"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E8A2C64-2F80-4CFB-9338-510C0B3667C3"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA1A4C95-B276-4763-97AC-FCD0630F3CC4"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C6CCE39-65AC-4E0D-8DAB-7ED07B3ACC59"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C88102A-C1AE-4523-B6A1-EBA336D0E79F"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.10.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1EF401FE-7A2C-4BFB-91F3-5E777E48C662"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.10.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F5BA9819-BFBC-47FD-945C-BB6EFE69B249"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.10.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B2A4737-8606-4D01-801B-7ABF238CC15B"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.10.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D412260D-7FBC-4E7C-B9C8-91A84DB8323D"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.10.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D86D4D3-8123-45DB-A973-88C06E88BD1B"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.11.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4476BDE7-4BE7-405A-94B3-033F3C63A3BA"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.11.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83D333B9-C879-46CB-849F-F587D8C582C2"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.11.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADCEC7D1-CE54-4E3C-8366-BF8CC52AD7D1"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.11.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "02D7A972-D4F9-477B-B084-4C7C2693CAB7"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.11.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F31A5C9-EF8A-43AD-A1B1-B086B191D9A5"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.11.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4789831-8986-4320-AB8C-55D2C56E1D0B"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.11.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFE6075D-9A55-4404-A1CE-057E8CC52F9E"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.11.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E7A9AA0-9705-468E-B074-FB237C0F3812"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF8C79BA-D9F1-47FA-B41E-6B027FEC4EC3"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.12.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2F505F6-68CC-40F2-B057-F7E438A59DD0"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.12.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD3FFA0A-4FA7-421E-81A7-BA1745254CCD"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.12.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEC16207-23C9-4B3F-990D-F75A19C4A18E"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.12.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5222A77-77DB-44AE-BA86-328E81B20CB9"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.12.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5651E8F4-F1E4-4D5C-BD2B-3ED3CB12AC82"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.12.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED915AA1-0EEF-4CCC-BD6B-72C2FD7CB062"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.12.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83EDB136-73AA-490A-9127-3BE58DC0BF46"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.12.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6AF50AD2-A709-43CE-B4AA-9B83796086B7"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.12.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DCC24DA-89F4-4CB4-BEAD-DE190FD43733"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.13.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B7FCE7C-005F-416C-8D50-67E6BD468990"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.13.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1EF70D7A-0F6E-4E4E-AD6C-08306AC5F330"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7135EADC-BBAE-44FC-87B2-5522D4F8DE70"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.14.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B41549BB-EFC4-44C6-B655-F20DED3B8B4C"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.14.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "400412F2-7DF0-4639-B199-887576BCD2A4"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.14.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B1DF873-246E-4784-8E45-80E67C215AF7"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.14.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E0CAAB8-2537-4931-A860-AF24B25C130D"
},
{
"criteria": "cpe:2.3:a:craftysyntax:crafty_syntax_live_help:2.14.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6086FB69-0DF4-4F72-A0CF-B3C2BC575361"
}
],
"operator": "OR"
}
]
}
]