Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2008-1990

Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) cID parameter to default.asp and the (2) username parameter to main_login2.asp.

  • Published: Apr 27, 2008
  • Updated: Apr 13, 2023
  • CVE: CVE-2008-1990
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
acidcat / acidcat_cms 3.4.1 3.4.1.x