SQL Injection Vulnerabilities in Stash by Stash
CVE-2008-4590

Currently unrated

Key Information:

Vendor

Stash

Status
Stash
Vendor
CVE Published:
16 October 2008

What is CVE-2008-4590?

Multiple SQL injection vulnerabilities in Stash version 1.0.3 enable remote attackers to execute arbitrary SQL commands. Specifically, these weaknesses arise from inadequate validation of user input, allowing malicious entries through the username parameter in admin/login.php and the post parameter in admin/news.php. Attackers exploiting these vulnerabilities can manipulate the database, retrieve sensitive information, or execute unintended commands, posing significant security risks to the application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securityreason.com/securityalert/4413
third-party-advisoryx_refsource_SREASON
https://exchange.xforce.ibmcloud.com/vulnerabilities/45799
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/31687
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.