SQL Injection Vulnerabilities in e-Vision CMS by e-Vision
CVE-2008-0856

Currently unrated

Key Information:

Vendor: E-vision
Status: E-vision Cms
Vendor: CVE Published:; 21 February 2008

What is CVE-2008-0856?

Multiple SQL injection vulnerabilities exist in e-Vision CMS version 2.02, enabling remote attackers to execute arbitrary SQL commands through manipulation of the 'id' parameter in 'iframe.php' and 'print.php' files. This exploit could allow unauthorized access to sensitive data, making it crucial for affected users to apply security patches and mitigate risks.

References

http://www.securityfocus.com/bid/27816

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/40859

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 21, 2008
Vulnerability Reserved
Feb 20, 2008

CVE-2008-0856 Data

JSON

E-vision

What is CVE-2008-0856?

References

Timeline