CVE-2008-1508

SQL injection vulnerability in EfesTech E-Kont?r and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Published : 2008-03-25 23:44 Updated : 2019-10-10 11:27

7.5
CVSS Score More info
Score 7.5 / 10
7.5
Vendor Product Version URI
Efestech E-kontor - cpe:/a:efestech:e-kontor:-
  1. Efestech (1) Search CVE
    1. E-kontor (1) Search CVE
      1. -

CWE

ID Name Description Links
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. CVE

History of changes

Date Event
2019-03-18 02:30
2018-10-11 20:35
2017-08-08 05:33
2008-03-25 23:44

New CVE