CVE-2008-3649

Article Friendly Standard - SQL Injection

Title source: llm

Description

SQL injection vulnerability in categorydetail.php in Article Friendly Standard allows remote attackers to execute arbitrary SQL commands via the Cat parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Mr.SQL · textwebappsphp

https://www.exploit-db.com/exploits/6167

View Code ZIP pw:eip

References (6)

[Vendor Advisory] http://secunia.com/advisories/31292

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/44121

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/30453

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6167

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/2254

[Third Party Advisory] http://securityreason.com/securityalert/4149

Scores

EPSS 0.0090

EPSS Percentile 75.3%

Classification

CWE

CWE-89

Status draft

Affected Products (1)

articlefriendly/article_friendly

Timeline

Published Aug 13, 2008

Tracked Since Feb 18, 2026