Vulnerability Description
SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to execute arbitrary SQL commands via the artistId parameter.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Musicbox | Musicbox | 2.3.6 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/30107Vendor Advisory
- http://www.securityfocus.com/bid/29100Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42259
- https://www.exploit-db.com/exploits/5560
- http://secunia.com/advisories/30107Vendor Advisory
- http://www.securityfocus.com/bid/29100Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42259
- https://www.exploit-db.com/exploits/5560
FAQ
What is CVE-2008-2125?
CVE-2008-2125 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to execute arbitrary SQL commands via the artistId parameter.
How severe is CVE-2008-2125?
CVE-2008-2125 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-2125?
Check the references section above for vendor advisories and patch information. Affected products include: Musicbox Musicbox.