CVE-2008-5003
CVE-2008-5003 describes an SQL injection in ndetail.php of Shahrood, exploitable remotely via the id parameter to execute arbitrary SQL. The NVD entry lists a CVSSv2 base score of 7.5 (HIGH) with network attack vector, low access complexity, and no authentication required; confidentiality, integr...