CVE-2008-5813

Published Jan 2, 2009

Last updated 8 years ago

CVSS info 7.5

Overview

Description: SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: some of these details are obtained from third party information.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-89

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:spip:spip:1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B513AF43-AFCA-494C-A3D0-A35F3214CE62"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C4AC748-27C3-4FEC-A3C0-CF68B7D5DA4A"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91DEC874-206B-4C45-92F5-C6C650F92782"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.8.2b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A738F49-1968-4748-A48D-7D493BD09313"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.8.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2258E6D1-B11D-4902-98D2-FC8330BE175D"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.8b1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "233CD17B-7CA9-4169-85CC-D44C2783A274"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.8b2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1F0B947-DA3E-4394-A2B4-240B9792BA9B"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.8b3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4FBAA9E-2DD6-4FCC-AD97-CF666DB1B6EC"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.8b4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D11D5EC5-EB3F-4517-90E4-FE4B0B6526A0"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.8b5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "537F4814-914D-4493-98FB-F5F21B385F8B"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.8b6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E128150-5AF1-45EF-8A6F-6709671F22D8"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87EF9B63-0BB2-425A-8A81-1264BD28DB5E"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.9.1:rev7385:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDBAD023-85A7-4B75-90EA-7C174F746050"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.9.1:rev7502:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82D6BD57-507A-4131-9D50-7F76BB9C5DC7"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BCB6E24-EA9D-46C4-B128-310DFEB22D50"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:1.9.2f:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D95CA7C1-F894-4530-B3D4-44002F387453"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DF1BEB1-2CCB-47F6-8EFB-E4F9AA6A4ED0"
          },
          {
            "criteria": "cpe:2.3:a:spip:spip:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5698E04-FD77-45A1-8FBE-200897595CB1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References