CVE-2008-2963

{"id": "CVE-2008-2963", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2008-07-02T17:14:00.000", "references": [{"url": "http://www.securityfocus.com/bid/29900", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43292", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/5913", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in MyBlog allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to (a) index.php, and the (2) id parameter to (b) member.php and (c) post.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en MyBlog permite a atacantes remotos ejecutar comandos SQL a trav\u00e9s del (1) par\u00e1metro view de (a) index.php, y los (2) par\u00e1metros id de (b) member.php y (c) post.php."}], "lastModified": "2017-09-29T01:31:26.663", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:myblog:myblog:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5707DF3F-954A-44ED-A876-99E8B75DE6C3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}