Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2008-3880

SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary SQL commands via the filter array parameter.

PublishedSep 02, 2008, 15:41

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://secunia.com/advisories/31636
http://www.securityfocus.com/archive/1/495745/100/0/threaded
http://www.securityfocus.com/bid/30843
https://exchange.xforce.ibmcloud.com/vulnerabilities/44726

Weakness Type

CWE-89

CVSS Metrics

Base Score

7.5

Vector String

AV:N/AC:L/Au:N/C:P/I:P/A:P

Base SeverityUnknown

Version

2.0

Attack Vector (AV)