CVE-2008-2394

Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:tagworx:tagworx_cms:3.00.02:*:*:*:*:*:*:*

History

No history.

Information

Published : 2008-05-21 13:24

Updated : 2024-02-28 11:21


NVD link : CVE-2008-2394

Mitre link : CVE-2008-2394

CVE.ORG link : CVE-2008-2394


JSON object : View

Products Affected

tagworx

  • tagworx_cms
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')