Search
Find a vulnerability
Search criteria
4 vulnerabilities found for crafty_syntax_live_help by craftysyntax
CVE-2008-3845 (GCVE-0-2008-3845)
Vulnerability from nvd – Published: 2008-08-27 23:00 – Updated: 2024-08-07 09:53
VLAI
EPSS
VEX
Summary
Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/6307 | exploitx_refsource_EXPLOIT-DB |
| http://security.craftysyntax.com/updates/?v=2.14.6 | x_refsource_CONFIRM |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| http://www.gulftech.org/?node=research&article_id… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/495729/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/31573 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/30825 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/4192 | third-party-advisoryx_refsource_SREASON |
Date Public
2008-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:53:00.305Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6307",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6307"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.craftysyntax.com/updates/?v=2.14.6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=620878"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help \u003c= 2.14.6 SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "31573",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31573"
},
{
"name": "crafty-syntax-isxmlhttp-sql-injection(44669)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44669"
},
{
"name": "30825",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30825"
},
{
"name": "4192",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4192"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6307",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6307"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.craftysyntax.com/updates/?v=2.14.6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=620878"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help \u003c= 2.14.6 SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "31573",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31573"
},
{
"name": "crafty-syntax-isxmlhttp-sql-injection(44669)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44669"
},
{
"name": "30825",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30825"
},
{
"name": "4192",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4192"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6307",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6307"
},
{
"name": "http://security.craftysyntax.com/updates/?v=2.14.6",
"refsource": "CONFIRM",
"url": "http://security.craftysyntax.com/updates/?v=2.14.6"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=620878",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=620878"
},
{
"name": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help \u003c= 2.14.6 SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "31573",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31573"
},
{
"name": "crafty-syntax-isxmlhttp-sql-injection(44669)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44669"
},
{
"name": "30825",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30825"
},
{
"name": "4192",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4192"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3845",
"datePublished": "2008-08-27T23:00:00.000Z",
"dateReserved": "2008-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:53:00.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3840 (GCVE-0-2008-3840)
Vulnerability from nvd – Published: 2008-08-27 20:00 – Updated: 2024-08-07 09:53
VLAI
EPSS
VEX
Summary
Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.gulftech.org/?node=research&article_id… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/495729/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/4192 | third-party-advisoryx_refsource_SREASON |
Date Public
2008-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:53:00.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help \u003c= 2.14.6 SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "crafty-syntax-info-disclosure(44745)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44745"
},
{
"name": "4192",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4192"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help \u003c= 2.14.6 SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "crafty-syntax-info-disclosure(44745)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44745"
},
{
"name": "4192",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4192"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help \u003c= 2.14.6 SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "crafty-syntax-info-disclosure(44745)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44745"
},
{
"name": "4192",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4192"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3840",
"datePublished": "2008-08-27T20:00:00.000Z",
"dateReserved": "2008-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:53:00.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3845 (GCVE-0-2008-3845)
Vulnerability from cvelistv5 – Published: 2008-08-27 23:00 – Updated: 2024-08-07 09:53
VLAI
EPSS
VEX
Summary
Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/6307 | exploitx_refsource_EXPLOIT-DB |
| http://security.craftysyntax.com/updates/?v=2.14.6 | x_refsource_CONFIRM |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| http://www.gulftech.org/?node=research&article_id… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/495729/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/31573 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/30825 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/4192 | third-party-advisoryx_refsource_SREASON |
Date Public
2008-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:53:00.305Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6307",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6307"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security.craftysyntax.com/updates/?v=2.14.6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=620878"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help \u003c= 2.14.6 SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "31573",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31573"
},
{
"name": "crafty-syntax-isxmlhttp-sql-injection(44669)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44669"
},
{
"name": "30825",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30825"
},
{
"name": "4192",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4192"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6307",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6307"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security.craftysyntax.com/updates/?v=2.14.6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=620878"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help \u003c= 2.14.6 SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "31573",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31573"
},
{
"name": "crafty-syntax-isxmlhttp-sql-injection(44669)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44669"
},
{
"name": "30825",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30825"
},
{
"name": "4192",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4192"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6307",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6307"
},
{
"name": "http://security.craftysyntax.com/updates/?v=2.14.6",
"refsource": "CONFIRM",
"url": "http://security.craftysyntax.com/updates/?v=2.14.6"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=620878",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=620878"
},
{
"name": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help \u003c= 2.14.6 SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "31573",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31573"
},
{
"name": "crafty-syntax-isxmlhttp-sql-injection(44669)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44669"
},
{
"name": "30825",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30825"
},
{
"name": "4192",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4192"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3845",
"datePublished": "2008-08-27T23:00:00.000Z",
"dateReserved": "2008-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:53:00.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3840 (GCVE-0-2008-3840)
Vulnerability from cvelistv5 – Published: 2008-08-27 20:00 – Updated: 2024-08-07 09:53
VLAI
EPSS
VEX
Summary
Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.gulftech.org/?node=research&article_id… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/495729/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/4192 | third-party-advisoryx_refsource_SREASON |
Date Public
2008-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:53:00.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help \u003c= 2.14.6 SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "crafty-syntax-info-disclosure(44745)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44745"
},
{
"name": "4192",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4192"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help \u003c= 2.14.6 SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "crafty-syntax-info-disclosure(44745)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44745"
},
{
"name": "4192",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4192"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research\u0026article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help \u003c= 2.14.6 SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "crafty-syntax-info-disclosure(44745)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44745"
},
{
"name": "4192",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4192"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3840",
"datePublished": "2008-08-27T20:00:00.000Z",
"dateReserved": "2008-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:53:00.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}