Return to CVE list

CVE-2008-4345

7.5
Critical

CVE-2008-4345

cve@mitre.org
Modified
View on MITREFind on GitHub

Description

SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter.

Exploits

64432008-09-12webappsPHP

WebPortal CMS 0.7.4 - 'download.php' SQL Injection

By StAkeR

References

cve@mitre.org
http://secunia.com/advisories/31784
cve@mitre.org
http://www.securityfocus.com/bid/31156
cve@mitre.org
http://www.vupen.com/english/advisories/2008/2560
cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/45113
cve@mitre.org
https://www.exploit-db.com/exploits/6443
af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/31784
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/31156
af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/2560
af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/45113
af854a3a-2127-422b-91ae-364da2661108
https://www.exploit-db.com/exploits/6443