CVE-2008-2792

Erocms < 1.4 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in index.php in eroCMS 1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the site parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Mr.SQL · textwebappsphp
https://www.exploit-db.com/exploits/5846

References (4)

Scores

EPSS 0.0049
EPSS Percentile 64.9%

Classification

CWE
CWE-89
Status draft

Affected Products (1)

erocms/erocms < 1.4

Timeline

Published Jun 20, 2008
Tracked Since Feb 18, 2026