1 results (0.001 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2008-1404 – eXV2 Module Viso 2.0.4.3 - 'kid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-1404
20 Mar 2008 — SQL injection vulnerability in index.php in the Viso (Industry Book) 2.04 and 2.03 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the kid parameter. Vulnerabilidad de inyección SQL en index.php del módulo Viso (Industry Book) 2.04 y 2.03 para eXV2 permite a atacantes remotos ejecutar comandos SQL de su elección utilizando el parámetro kid. • https://www.exploit-db.com/exploits/5254 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •