ByteOS Network

NVD Vulnerability Details :

CVE-2008-6132

Modified

Source-cve@mitre.org

Published At-13 Feb, 2009 | 18:30

Updated At-29 Sep, 2017 | 01:32

Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P

CPE Matches

brickhost>>phpscheduleit>>Versions up to 1.2.10(inclusive)

cpe:2.3:a:brickhost:phpscheduleit:*:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.0

cpe:2.3:a:brickhost:phpscheduleit:1.0:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.0.0rc1

cpe:2.3:a:brickhost:phpscheduleit:1.0.0rc1:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.0_rc1

cpe:2.3:a:brickhost:phpscheduleit:1.0_rc1:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.2.0

cpe:2.3:a:brickhost:phpscheduleit:1.2.0:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.2.0

cpe:2.3:a:brickhost:phpscheduleit:1.2.0:beta:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.2.0

cpe:2.3:a:brickhost:phpscheduleit:1.2.0:rc1:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.2.1

cpe:2.3:a:brickhost:phpscheduleit:1.2.1:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.2.2

cpe:2.3:a:brickhost:phpscheduleit:1.2.2:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.2.3

cpe:2.3:a:brickhost:phpscheduleit:1.2.3:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.2.4

cpe:2.3:a:brickhost:phpscheduleit:1.2.4:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.2.5

cpe:2.3:a:brickhost:phpscheduleit:1.2.5:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.2.6

cpe:2.3:a:brickhost:phpscheduleit:1.2.6:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.2.7

cpe:2.3:a:brickhost:phpscheduleit:1.2.7:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.2.8

cpe:2.3:a:brickhost:phpscheduleit:1.2.8:*:*:*:*:*:*:*

brickhost>>phpscheduleit>>1.2.9

cpe:2.3:a:brickhost:phpscheduleit:1.2.9:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-94	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://phpscheduleit.svn.sourceforge.net/viewvc/phpscheduleit/1.2.11/reserve.php?r1=318&r2=328	cve@mitre.org	N/A
http://secunia.com/advisories/32073	cve@mitre.org	Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=662749	cve@mitre.org	N/A
http://www.exploit-db.com/exploits/18037	cve@mitre.org	N/A
http://www.exploit-db.com/exploits/6646	cve@mitre.org	N/A
http://www.osvdb.org/48797	cve@mitre.org	N/A
http://www.securityfocus.com/bid/31520	cve@mitre.org	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/45617	cve@mitre.org	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History