Vulnerability Description
SQL injection vulnerability in showcategory.php in PozScripts Business Directory Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Pozscripts | Business Directory Script | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/49822Exploit
- http://secunia.com/advisories/32647Vendor Advisory
- http://securityreason.com/securityalert/4714
- http://www.securityfocus.com/bid/32264Exploit
- http://www.vupen.com/english/advisories/2008/3118
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46558
- https://www.exploit-db.com/exploits/7098
- http://osvdb.org/49822Exploit
- http://secunia.com/advisories/32647Vendor Advisory
- http://securityreason.com/securityalert/4714
- http://www.securityfocus.com/bid/32264Exploit
- http://www.vupen.com/english/advisories/2008/3118
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46558
- https://www.exploit-db.com/exploits/7098
FAQ
What is CVE-2008-5496?
CVE-2008-5496 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in showcategory.php in PozScripts Business Directory Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
How severe is CVE-2008-5496?
CVE-2008-5496 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5496?
Check the references section above for vendor advisories and patch information. Affected products include: Pozscripts Business Directory Script.