CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2008-6525

HIGH
7.5
CVSS Severity Score
EPSS Score0.1290%
EPSS Percentile24.33th
Published2009年3月25日
Last Modified2026年4月23日

Vulnerability Description

SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script (Knowledge base Script) allows remote attackers to execute arbitrary SQL commands via the Password parameter (aka the pass field).

Affected Platforms (CPE)

📦
Nicephpscripts

Nice Php Faq Script

All versions

References & Advisories

🔗 http://www.securityfocus.com/bid/32150
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/46402
🔗 https://www.exploit-db.com/exploits/7018
🔗 http://www.securityfocus.com/bid/32150
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/46402
🔗 https://www.exploit-db.com/exploits/7018

相關漏洞威脅

CVE-2017-159889.8

Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme parameter, a different vulnerability than CVE-2008-6525.

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...

CVE-2008-535510.0

The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 1...