Vulnerability Details CVE-2008-6220
SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the pass parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/32502
- http://www.securityfocus.com/bid/32114
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46342
- https://www.exploit-db.com/exploits/6987
- http://secunia.com/advisories/32502
- http://www.securityfocus.com/bid/32114
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46342
- https://www.exploit-db.com/exploits/6987
Products affected by CVE-2008-6220
-
cpe:2.3:a:cafuego:simple_document_management_system:1.1.4
-
cpe:2.3:a:cafuego:simple_document_management_system:1.1.5