cpe:/a:igniterealtime:openfire:2.6.0 cpe:/a:igniterealtime:openfire:2.6.1 cpe:/a:igniterealtime:openfire:2.6.2 cpe:/a:igniterealtime:openfire:3.0.0 cpe:/a:igniterealtime:openfire:3.0.1 cpe:/a:igniterealtime:openfire:3.1.0 cpe:/a:igniterealtime:openfire:3.1.1 cpe:/a:igniterealtime:openfire:3.2.0 cpe:/a:igniterealtime:openfire:3.2.1 cpe:/a:igniterealtime:openfire:3.2.2 cpe:/a:igniterealtime:openfire:3.2.3 cpe:/a:igniterealtime:openfire:3.2.4 cpe:/a:igniterealtime:openfire:3.3.0 cpe:/a:igniterealtime:openfire:3.3.2 cpe:/a:igniterealtime:openfire:3.3.3 cpe:/a:igniterealtime:openfire:3.4.0 cpe:/a:igniterealtime:openfire:3.4.1 cpe:/a:igniterealtime:openfire:3.4.3 cpe:/a:igniterealtime:openfire:3.4.4 cpe:/a:igniterealtime:openfire:3.4.5 cpe:/a:igniterealtime:openfire:3.5.0 cpe:/a:igniterealtime:openfire:3.5.1 cpe:/a:igniterealtime:openfire:3.5.2 cpe:/a:igniterealtime:openfire:3.6.0 cpe:/a:igniterealtime:openfire:3.6.0a CVE-2008-6509 2009-03-23T16:00:00.267-04:00 2017-09-28T21:33:12.840-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-03-24T08:52:00.000-04:00 BUGTRAQ 20081108 [AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...) BID 32189 SECUNIA 32478 OSVDB 51912 EXPLOIT-DB 7075 VUPEN ADV-2008-3061 MISC http://www.andreas-kurtz.de/advisories/AKADV2008-001-v1.0.txt MISC http://www.andreas-kurtz.de/archives/63 CONFIRM http://www.igniterealtime.org/issues/browse/JM-1488 XF openfire-siparklogsummary-sql-injection(46487) SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp.