CVE-2008-4344

SQL injection vulnerability in cat.php in 6rbScript allows remote attackers to execute arbitrary SQL commands via the CatID parameter.

Published : 2008-09-30 17:22 Updated : 2017-08-08 01:32

7.5
CVSS Score More info
Score 7.5 / 10
7.5
Vendor Product Version URI
6rbscript 6rbscript cpe:/a:6rbscript:6rbscript
  1. 6rbscript (1) Search CVE
    1. 6rbscript (1) Search CVE

CWE

ID Name Description Links
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. CVE

History of changes

Date Event
2017-08-08 05:51
2008-09-30 17:22

New CVE