{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T15:42:30.211","vulnerabilities":[{"cve":{"id":"CVE-2008-3412","sourceIdentifier":"cve@mitre.org","published":"2008-07-31T17:41:00.000","lastModified":"2026-04-23T00:35:47.467","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in Comsenz EPShop (aka ECShop) before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a (1) pro_show or (2) disppro action to the default URI."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en Comsenz EPShop (también conocido como ECShop) anterior a 3.0, permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro pid en una acción (1) pro_show o (2) disppro a la URI por defecto."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:*:*:*:*:*:*:*:*","versionEndIncluding":"2.1.5","matchCriteriaId":"B418B22F-94B3-4136-9153-4CCD11818719"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2F599A10-59D2-42DD-B802-8CF762FE4058"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"163FD650-44D0-4279-9965-63560290A62B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"DD0F5987-618D-4AC7-AB68-77D7EC086092"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.0.2:a:*:*:*:*:*:*","matchCriteriaId":"72B0447A-5245-4058-AFFA-AE77B54AFF1F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.0.3:*:*:*:*:*:*:*","matchCriteriaId":"CA2C9029-29F5-460B-839D-914154F1253E"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.0.5:*:*:*:*:*:*:*","matchCriteriaId":"19307B71-B617-4D1A-AE63-E3ADDB4CC946"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.1.0:*:*:*:*:*:*:*","matchCriteriaId":"6B88A332-9138-4AFF-98CE-F0490249D649"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.1.1:*:*:*:*:*:*:*","matchCriteriaId":"E76F06E3-7AD7-4C0C-B9EF-133241B4E81B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.1.1:a:*:*:*:*:*:*","matchCriteriaId":"B5E8BB11-ABD6-44EC-BC11-D04E498A8C44"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.1.1:b:*:*:*:*:*:*","matchCriteriaId":"325C11B1-3ADD-4AE6-9D36-6BF503EADBFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.1.1:c:*:*:*:*:*:*","matchCriteriaId":"B51A2BE2-70B0-4D25-8C1A-AA0C7E4C3D55"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.1.2:*:*:*:*:*:*:*","matchCriteriaId":"F94A3FD5-E50C-4573-9F45-C567020BA790"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.1.2:a:*:*:*:*:*:*","matchCriteriaId":"ADE42D81-5D62-4E88-B11C-FC84CCF52466"},{"vulnerable":true,"criteria":"cpe:2.3:a:ecshop:epshop:2.1.2:b:*:*:*:*:*:*","matchCriteriaId":"7FA9315F-542B-421E-B8A2-5BCFA1BD7472"}]}]}],"references":[{"url":"http://securityreason.com/securityalert/4090","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/30387","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44025","source":"cve@mitre.org"},{"url":"https://www.exploit-db.com/exploits/6139","source":"cve@mitre.org"},{"url":"http://securityreason.com/securityalert/4090","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/30387","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44025","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.exploit-db.com/exploits/6139","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}