CVE-2008-3598

2008-08-1219:00:00

mitre

www.cve.org

8.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

40.3%

JSON

Multiple SQL injection vulnerabilities in psipuss 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the Cid parameter to categories.php or (2) the Username parameter to login.php.

References

osvdb.org/35500

secunia.com/advisories/25041/

securityreason.com/securityalert/4140

www.securityfocus.com/bid/30629

exchange.xforce.ibmcloud.com/vulnerabilities/44367

www.exploit-db.com/exploits/6226