CVE-2008-1408

2008-03-20T10:44:00
ID CVE-2008-1408
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:30:00

Description

SQL injection vulnerability in includes/functions/banners-external.php in phpBP 2 RC3 (2.204) FIX 4 allows remote attackers to execute arbitrary SQL commands via the id parameter in a banner_out action.