2 matches found
CVE-2008-2671
The CVE-2008-2671 entry describes a SQL injection in DCFM Blog 0.9.4, affecting comments.php where an attacker can modify the id parameter to execute arbitrary SQL commands remotely. Affected software: DCFM Blog 0.9.4 (comments.php). Root cause: unsanitized/unchecked id parameter leading to SQL c...
CVE-2008-2671
creationtimestamp| type| source ---|---|--- 2008-06-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/5772...