CVE-2009-2345

Published Jul 7, 2009

Last updated 15 years ago

Overview

Description: Multiple SQL injection vulnerabilities in ClanSphere before 2009.0.1 allow remote attackers to execute arbitrary SQL commands via unknown parameters to the gbook module and unspecified other components.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-89

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D37828F-460B-45A0-A9BB-2ED8ACF78A4D",
            "versionEndIncluding": "2009.0"
          },
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:2007.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B498CF2-0ED8-497E-9375-5C7E31941095"
          },
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:2007.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91ED323B-9626-46F5-AFA9-98C3705A502F"
          },
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:2007.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5036F226-B242-485D-95F9-3A4218AC4C02"
          },
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:2007.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C8E2F6F-2A34-4335-93FA-5EB054BFEAB3"
          },
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:2007.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2C73C22-D21C-4BAF-B945-C83F08D56AC6"
          },
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:2008:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FC5B7AF-964C-412B-8CE2-17B03AC34026"
          },
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:2008.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22458DE4-F715-4ECE-9FF1-08F0AC430C80"
          },
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:2008.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5A55ADA-F556-4C25-8415-208E9E68ACCF"
          },
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:2008.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30B73D07-06C5-4466-8157-82DE5304E7F6"
          },
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:2009.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96F6E5E6-C61A-411C-B179-E301DF4AB7F0"
          },
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:2009.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3E469F4-FC52-4151-AB6F-F41B3E0BA72E"
          },
          {
            "criteria": "cpe:2.3:a:clansphere:clansphere:2009.0:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D85C9E29-3771-4BEF-BDBD-09933D7F8087"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References