CVE-2008-2135

Multiple SQL injection vulnerabilities in VisualShapers ezContents 2.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) contentname parameter to showdetails.php and the (2) article parameter to printer.php.

Published: May 9, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-2135
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
visualshapers / ezcontents	2.0.0	2.0.0.x

http://securityreason.com/securityalert/3865
http://www.securityfocus.com/archive/1/491813/100/0/threaded
http://www.securityfocus.com/bid/29098
https://exchange.xforce.ibmcloud.com/vulnerabilities/42260
https://www.exploit-db.com/exploits/5559

Vulnerability Database

291,049

CVE-2008-2135