CVE-2008-1631

2008-04-0217:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.8%

JSON

SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter, related to the login form field in index.php.

References

secunia.com/advisories/29612

securityreason.com/securityalert/3792

www.securityfocus.com/archive/1/490305/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/41544