CVE-2008-4175

2008-09-2315:00:00

mitre

www.cve.org

AI Score

8.5

Confidence

Low

EPSS

0.005

Percentile

76.7%

JSON

Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php.

References

secunia.com/advisories/31853

securityreason.com/securityalert/4299

www.securityfocus.com/bid/31191

exchange.xforce.ibmcloud.com/vulnerabilities/45153

exchange.xforce.ibmcloud.com/vulnerabilities/45155

www.exploit-db.com/exploits/6466