PT-2008-2927 · Koobi · Koobi Cms
Joss
·
Published
2008-03-13
·
Updated
2018-10-11
·
CVE-2008-1336
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Koobi CMS versions 4.2.3 through 4.3.0
Description
The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the
categ parameter in a "links" action to "index.php".Recommendations
For Koobi CMS versions 4.2.3 through 4.3.0, avoid using the
categ parameter in the "links" action to "index.php" until the issue is resolved.Exploit
Fix
RCE
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Koobi Cms