SQL Injection in MAXSITE by MAXSITE
CVE-2008-2487

Currently unrated

Key Information:

Vendor: Maxsite
Status: Maxsite
Vendor: CVE Published:; 28 May 2008

What is CVE-2008-2487?

A SQL injection vulnerability exists in the index.php file of MAXSITE versions 1.10 and earlier. This flaw allows remote attackers to manipulate SQL queries through unauthorized input in the category parameter during a webboard action. Successful exploitation can lead to arbitrary SQL command execution, potentially compromising the integrity and security of the application.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/42634

vdb-entryx_refsource_XF

http://secunia.com/advisories/30306

third-party-advisoryx_refsource_SECUNIA

https://www.exploit-db.com/exploits/5676

exploitx_refsource_EXPLOIT-DB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2008
Vulnerability Reserved
May 28, 2008

JSON

Maxsite

What is CVE-2008-2487?

References

Timeline