Vulnerability Description
SQL injection vulnerability in CJ Ultra Plus 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via an SID cookie.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cj | Ultra Plus | All versions |
Related Weaknesses (CWE)
References
- http://securityreason.com/securityalert/4316
- http://www.securityfocus.com/bid/31333
- http://www.vupen.com/english/advisories/2008/2651
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45458
- https://www.exploit-db.com/exploits/6536
- http://securityreason.com/securityalert/4316
- http://www.securityfocus.com/bid/31333
- http://www.vupen.com/english/advisories/2008/2651
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45458
- https://www.exploit-db.com/exploits/6536
FAQ
What is CVE-2008-4241?
CVE-2008-4241 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in CJ Ultra Plus 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via an SID cookie.
How severe is CVE-2008-4241?
CVE-2008-4241 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-4241?
Check the references section above for vendor advisories and patch information. Affected products include: Cj Ultra Plus.