CVE-2008-6236

SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
VendorProductVersion
cafuegosimple_document_management_system
1.1.4
cafuegosimple_document_management_system
1.1.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/32502
http://www.securityfocus.com/bid/32114
https://exchange.xforce.ibmcloud.com/vulnerabilities/46342
https://exchange.xforce.ibmcloud.com/vulnerabilities/48944
http://secunia.com/advisories/32502
http://www.securityfocus.com/bid/32114
https://exchange.xforce.ibmcloud.com/vulnerabilities/46342
https://exchange.xforce.ibmcloud.com/vulnerabilities/48944