CVE-2008-0942

Aeries Student Information System 3.8.2.8 - SQL Injection via GradebookStuScores.asp GrdBk Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0942. PoCs published by Arsalan Emamjomehkashan.

AI-analyzed exploit summary The provided text describes SQL injection and HTML injection vulnerabilities in Aeries Student Information System but does not include functional exploit code. It references a URL parameter vulnerable to SQLi without payload details.

Description

SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote attackers to execute arbitrary SQL commands via the GrdBk parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Arsalan Emamjomehkashan · textwebappsphp
https://www.exploit-db.com/exploits/31278

The provided text describes SQL injection and HTML injection vulnerabilities in Aeries Student Information System but does not include functional exploit code. It references a URL parameter vulnerable to SQLi without payload details.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Aeries Student Information System 3.8.2.8, 3.7.2.2
No auth needed
Prerequisites: Access to the vulnerable URL parameter
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/488456/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3695
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27924
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/40847

Scores

EPSS 0.0097
EPSS Percentile 57.5%

Details

CWE
CWE-89
Status published
Products (2)
aeries/aeries_student_information_system 3.7.2.2
aeries/aeries_student_information_system 3.8.2.8
Published Feb 25, 2008
Tracked Since Feb 18, 2026