What is the severity of CVE-2008-3151?

CVE-2008-3151 is classified as a high severity SQL injection vulnerability.

How do I fix CVE-2008-3151?

To fix CVE-2008-3151, sanitize and validate user inputs to the id parameter in the show_dvd action.

Which software versions are affected by CVE-2008-3151?

CVE-2008-3151 affects version 0.91 of the 4ndvddb module for both Warpspeed and PHP-Nuke.

What type of attack does CVE-2008-3151 allow?

CVE-2008-3151 allows remote attackers to execute arbitrary SQL commands.

Is it possible to exploit CVE-2008-3151 without authentication?

Yes, CVE-2008-3151 can be exploited by remote attackers without needing authentication.

Vulnerability/
CVE-2008-3151

high

7.5

CWE

11/7/2008

7/8/2024

CVE-2008-3151: SQL Injection

First published: Fri Jul 11 2008(Updated: )

SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_dvd action.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Warpspeed 4ndvddb	=0.91
Phpnuke 4ndvddb	=0.91

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-3151?
CVE-2008-3151 is classified as a high severity SQL injection vulnerability.
How do I fix CVE-2008-3151?
To fix CVE-2008-3151, sanitize and validate user inputs to the id parameter in the show_dvd action.
Which software versions are affected by CVE-2008-3151?
CVE-2008-3151 affects version 0.91 of the 4ndvddb module for both Warpspeed and PHP-Nuke.
What type of attack does CVE-2008-3151 allow?
CVE-2008-3151 allows remote attackers to execute arbitrary SQL commands.
Is it possible to exploit CVE-2008-3151 without authentication?
Yes, CVE-2008-3151 can be exploited by remote attackers without needing authentication.

collector/nvd-historical
collector/nvd-index
agent/softwarecombine
agent/type
collector/mitre-cve
source/MITRE
agent/references
agent/severity
agent/last-modified-date
agent/author
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/tags
agent/source
vendor/warpspeed
canonical/warpspeed 4ndvddb
version/warpspeed 4ndvddb/0.91
vendor/phpnuke
canonical/phpnuke 4ndvddb
version/phpnuke 4ndvddb/0.91

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2008-3151?
CVE-2008-3151 is classified as a high severity SQL injection vulnerability.
How do I fix CVE-2008-3151?
To fix CVE-2008-3151, sanitize and validate user inputs to the id parameter in the show_dvd action.
Which software versions are affected by CVE-2008-3151?
CVE-2008-3151 affects version 0.91 of the 4ndvddb module for both Warpspeed and PHP-Nuke.
What type of attack does CVE-2008-3151 allow?
CVE-2008-3151 allows remote attackers to execute arbitrary SQL commands.
Is it possible to exploit CVE-2008-3151 without authentication?
Yes, CVE-2008-3151 can be exploited by remote attackers without needing authentication.