Vulnonym.org

CVE-2008-1613 - Uncultivated Originators

Description

SQL injection vulnerability in ioRD.asp in RedDot CMS 7.5 Build 7.5.0.48 and possibly other versions including 6.5 and 7.0 allows remote attackers to execute arbitrary SQL commands via the LngId parameter.

Reference

http://www.irmplc.com/index.php/167-Advisory-026 http://www.securityfocus.com/bid/28872 http://secunia.com/advisories/29843 https://exchange.xforce.ibmcloud.com/vulnerabilities/41924 https://www.exploit-db.com/exploits/5482 http://www.securityfocus.com/archive/1/491139/100/0/threaded

Exploit

CVE-2008-1613