1. Home
  2. CVE Database
  3. CVE-2008-6614
HIGH · 7.5

CVE-2008-6614

Multiple SQL injection vulnerabilities in microcms-admin-login.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) allow remote attackers to execute arbitrary SQL commands via (1) the administrat...

Vulnerability Description

Multiple SQL injection vulnerabilities in microcms-admin-login.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) allow remote attackers to execute arbitrary SQL commands via (1) the administrators_username parameter (aka the Username field) or (2) the administrators_pass parameter (aka the Password field).

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
ImpliedbydesignIbd Micro Cms3.5

Related Weaknesses (CWE)

CWE-89

References

FAQ

What is CVE-2008-6614?

CVE-2008-6614 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple SQL injection vulnerabilities in microcms-admin-login.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) allow remote attackers to execute arbitrary SQL commands via (1) the administrat...

How severe is CVE-2008-6614?

CVE-2008-6614 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-6614?

Check the references section above for vendor advisories and patch information. Affected products include: Impliedbydesign Ibd Micro Cms.