CVE-2008-1551 – RunCMS Module Photo 3.02 - 'cid' SQL Injection

https://notcve.org/view.php?id=CVE-2008-1551

SQL injection vulnerability in viewcat.php in the Photo 3.02 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. Vulnerabilidad de inyección SQL en viewcat.php del módulo Photo 3.02 para RunCMS permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro cid. • https://www.exploit-db.com/exploits/5290 http://secunia.com/advisories/29513 http://www.securityfocus.com/bid/28395 https://exchange.xforce.ibmcloud.com/vulnerabilities/41378 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •