{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-29T10:41:53.955","vulnerabilities":[{"cve":{"id":"CVE-2008-5632","sourceIdentifier":"cve@mitre.org","published":"2008-12-17T17:30:00.640","lastModified":"2026-06-16T23:00:41.920","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en el archivo Account.asp en Active Time Billing 3.2 permite a los atacantes remotos ejecutar arbitrariamente comandos SQL a través de los parámetros (1) username y (2) password, posiblemente relativos al archivo start.asp. NOTA: algunos de estos detalles son obtenidos de información de terceros."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:activewebsoftwares:active_time_billing:3.2:*:*:*:*:*:*:*","matchCriteriaId":"FBD441B8-3CE5-4DB7-AF22-F741401EE71B"}]}]}],"references":[{"url":"http://secunia.com/advisories/32895","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.vupen.com/english/advisories/2008/3295","source":"cve@mitre.org"},{"url":"https://www.exploit-db.com/exploits/7301","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/32895","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.vupen.com/english/advisories/2008/3295","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.exploit-db.com/exploits/7301","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}