CVE-2008-7208

Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username parameter ($usernameb variable) to a_login.php or (2) user parameter to staff.php.
Configurations

Configuration 1

cpe:2.3:a:insane_visions:onecms:*:*:*:*:*:*:*:*

Information

Published : 2009-09-11 04:30

Updated : 2018-10-11 08:58


NVD link : CVE-2008-7208

Mitre link : CVE-2008-7208

Products Affected
CWE