CVE-2008-3223 - CERT CVE
ID CVE-2008-3223
Sažetak SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 allows remote attackers to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for 'numeric' fields."
Reference
CVSS
Base: 7.5
Impact: 6.4
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:N/AC:L/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 15-04-2021 - 13:49
Objavljeno 18-07-2008 - 16:41