CVE-2008-6656

2009-04-0710:00:00

mitre

www.cve.org

AI Score

8.5

Confidence

Low

EPSS

0.001

Percentile

40.3%

JSON

Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to listings.php and (2) the username field to login.php.

References

freshmeat.net/projects/openauto/releases/277061

osvdb.org/50255

osvdb.org/50256

www.securityfocus.com/bid/29027

exchange.xforce.ibmcloud.com/vulnerabilities/42158

www.exploit-db.com/exploits/5531