Vulnerability Description
SQL injection vulnerability in read.asp in JiRo's FAQ Manager eXperience 1.0 allows remote attackers to execute arbitrary SQL commands via the fID parameter.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jiro | Faq Manager Experience | 1.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/30569Vendor Advisory
- http://www.securityfocus.com/bid/29594
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42919
- https://www.exploit-db.com/exploits/5753
- http://secunia.com/advisories/30569Vendor Advisory
- http://www.securityfocus.com/bid/29594
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42919
- https://www.exploit-db.com/exploits/5753
FAQ
What is CVE-2008-2691?
CVE-2008-2691 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in read.asp in JiRo's FAQ Manager eXperience 1.0 allows remote attackers to execute arbitrary SQL commands via the fID parameter.
How severe is CVE-2008-2691?
CVE-2008-2691 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-2691?
Check the references section above for vendor advisories and patch information. Affected products include: Jiro Faq Manager Experience.