CVE-2008-6753

EUVD-2008-6713
SQL injection vulnerability in SilverStripe before 2.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
Affected Products (NVD)
VendorProductVersion
silverstripesilverstripe
𝑥
≤ 2.2.1
silverstripesilverstripe
2.0.0
silverstripesilverstripe
2.0.1
silverstripesilverstripe
2.0.2
silverstripesilverstripe
2.1.0
silverstripesilverstripe
2.1.1
silverstripesilverstripe
2.2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://silverstripe.org/archive/show/43794
http://www.openwall.com/lists/oss-security/2009/04/13/2
http://www.securityfocus.com/bid/34852
https://exchange.xforce.ibmcloud.com/vulnerabilities/50368
http://silverstripe.org/archive/show/43794
http://www.openwall.com/lists/oss-security/2009/04/13/2
http://www.securityfocus.com/bid/34852
https://exchange.xforce.ibmcloud.com/vulnerabilities/50368