Vulnerability Details CVE-2008-6220
SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the pass parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 72.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/32502
- http://www.securityfocus.com/bid/32114
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46342
- https://www.exploit-db.com/exploits/6987
- http://secunia.com/advisories/32502
- http://www.securityfocus.com/bid/32114
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46342
- https://www.exploit-db.com/exploits/6987
Products affected by CVE-2008-6220
-
cpe:2.3:a:cafuego:simple_document_management_system:1.1.4
-
cpe:2.3:a:cafuego:simple_document_management_system:1.1.5