2 matches found
CVE-2008-1398
CVE-2008-1398 describes an SQL injection in AuraCMS 2.0–2.2.1 via the X-Forwarded-For HTTP header (HTTP_X_FORWARDED_FOR environment variable) that allows remote execution of arbitrary SQL commands. Affected component is online.php; root cause is improper handling/validation of the header value in...
CVE-2008-1398
creationtimestamp| type| source ---|---|--- 2008-03-14 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/5256...