{ "schema_version": "1.4.0", "id": "GHSA-hpf8-8g34-6659", "modified": "2022-05-01T23:47:58Z", "published": "2022-05-01T23:47:58Z", "aliases": [ "CVE-2008-2231" ], "details": "SQL injection vulnerability in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) R_2_5_0_94 and earlier allows remote attackers to execute SQL commands and read table information via the id parameter.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2231" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42880" }, { "type": "WEB", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484499" }, { "type": "WEB", "url": "http://marc.info/?l=oss-security&m=121258731028005&w=2" }, { "type": "WEB", "url": "http://marc.info/?l=oss-security&m=121260265427728&w=2" }, { "type": "WEB", "url": "http://secunia.com/advisories/30551" }, { "type": "WEB", "url": "http://secunia.com/advisories/31691" }, { "type": "WEB", "url": "http://securityreason.com/securityalert/3923" }, { "type": "WEB", "url": "http://slashcode.cvs.sourceforge.net/slashcode/slash/Slash/Utility/Environment/Environment.pm?r1=1.223&r2=1.225" }, { "type": "WEB", "url": "http://www.debian.org/security/2008/dsa-1633" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/29548" }, { "type": "WEB", "url": "http://www.securitytracker.com/id?1020206" }, { "type": "WEB", "url": "http://www.slashcode.com/article.pl?sid=08/01/04/1950244&tid=4" }, { "type": "WEB", "url": "http://www.slashcode.com/article.pl?sid=08/01/07/2314232" } ], "database_specific": { "cwe_ids": [ "CWE-89" ], "severity": "HIGH", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2008-06-05T20:32:00Z" } }