CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-1631

SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter, related to the login form field in index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/29612
http://securityreason.com/securityalert/3792
http://www.securityfocus.com/archive/1/490305/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/41544
http://secunia.com/advisories/29612
http://securityreason.com/securityalert/3792
http://www.securityfocus.com/archive/1/490305/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/41544

Products affected by CVE-2008-1631

Emedia Office Gmbh » Cuteflow » Version: 1.5.0

cpe:2.3:a:emedia_office_gmbh:cuteflow:1.5.0
Emedia Office Gmbh » Cuteflow » Version: 2.10.0

cpe:2.3:a:emedia_office_gmbh:cuteflow:2.10.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-1631

Products

Pricing

Contact Us