CVE-2008-2671
The CVE-2008-2671 entry describes a SQL injection in DCFM Blog 0.9.4, affecting comments.php where an attacker can modify the id parameter to execute arbitrary SQL commands remotely. Affected software: DCFM Blog 0.9.4 (comments.php). Root cause: unsanitized/unchecked id parameter leading to SQL c...