Return to CVE list

CVE-2008-4073

7.5
Critical

CVE-2008-4073

cve@mitre.org
Modified
View on MITREFind on GitHub

Description

SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a DBpAGE action.

Exploits

64262008-09-11webappsPHP

Autodealers CMS AutOnline - 'pageid' SQL Injection

By r45c4l
64332008-09-11webappsPHP

Autodealers CMS AutOnline - 'id' SQL Injection

By ZoRLu

References

cve@mitre.org
http://securityreason.com/securityalert/4248
cve@mitre.org
http://www.securityfocus.com/bid/31120
cve@mitre.org
http://www.vupen.com/english/advisories/2008/2551
cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/45049
cve@mitre.org
https://www.exploit-db.com/exploits/6426
af854a3a-2127-422b-91ae-364da2661108
http://securityreason.com/securityalert/4248
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/31120
af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/2551
af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/45049
af854a3a-2127-422b-91ae-364da2661108
https://www.exploit-db.com/exploits/6426