Sobi · Com Sobi2 · CVE-2009-0380
**Name of the Vulnerable Software and Affected Versions**
com sobi2 version 2.8.2
**Description**
A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `bid` parameter in a "showbiz" action to `index.php`.
**Recommendations**
For version 2.8.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.