CVE-2008-5588
The CVE-2008-5588 entry documents an SQL injection in rankup.asp of Katy Whitton RankEm, exploitable via the siteID parameter. The underlying issue is improper handling/validation of siteID, enabling remote attackers to execute arbitrary SQL commands. Affected software: RankEm (rankup.asp). Impac...