Vulnerability Details CVE-2008-3089
SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/30926
- http://www.securityfocus.com/bid/30101
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43607
- https://www.exploit-db.com/exploits/6010
- http://secunia.com/advisories/30926
- http://www.securityfocus.com/bid/30101
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43607
- https://www.exploit-db.com/exploits/6010