CVE-2008-3118

PHPmotion <2.0 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the vid parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by EgiX · phpwebappsphp
https://www.exploit-db.com/exploits/5938

References (3)

Scores

EPSS 0.0041
EPSS Percentile 61.6%

Details

CWE
CWE-89
Status published
Products (2)
phpmotion/phpmotion 1.0
phpmotion/phpmotion < 2.0
Published Jul 10, 2008
Tracked Since Feb 18, 2026