Vulnerability Description
Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ocean12 Technologies | Mailing List Manager | _nil_ |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/32929Vendor Advisory
- http://www.securityfocus.com/bid/32587Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47021
- https://www.exploit-db.com/exploits/7319
- http://secunia.com/advisories/32929Vendor Advisory
- http://www.securityfocus.com/bid/32587Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47021
- https://www.exploit-db.com/exploits/7319
FAQ
What is CVE-2008-5978?
CVE-2008-5978 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp.
How severe is CVE-2008-5978?
CVE-2008-5978 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5978?
Check the references section above for vendor advisories and patch information. Affected products include: Ocean12 Technologies Mailing List Manager.