Return to CVE list

CVE-2008-4772

7.5
Critical

CVE-2008-4772

cve@mitre.org
Modified
View on MITREFind on GitHub

Description

SQL injection vulnerability in main/main.php in QuestCMS allows remote attackers to execute arbitrary SQL commands via the obj parameter.

Exploits

68532008-10-27webappsPHP

QuestCMS - Cross-Site Scripting / Directory Traversal / SQL Injection

By d3b4g

References

cve@mitre.org
http://securityreason.com/securityalert/4523
cve@mitre.org
http://www.securityfocus.com/bid/31945
cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/46150
cve@mitre.org
https://www.exploit-db.com/exploits/6853
af854a3a-2127-422b-91ae-364da2661108
http://securityreason.com/securityalert/4523
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/31945
af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/46150
af854a3a-2127-422b-91ae-364da2661108
https://www.exploit-db.com/exploits/6853