CVE-2008-3670

Article Friendly Pro - SQL Injection

Title source: llm

Description

SQL injection vulnerability in authordetail.php in Article Friendly Pro allows remote attackers to execute arbitrary SQL commands via the autid parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Mr.SQL · textwebappsphp

https://www.exploit-db.com/exploits/6167

View Code ZIP pw:eip

References (6)

[Vendor Advisory] http://secunia.com/advisories/31292

[Exploit] http://www.securityfocus.com/bid/30452

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/44120

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6167

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/2255/references

[Third Party Advisory] http://securityreason.com/securityalert/4149

Scores

EPSS 0.0093

EPSS Percentile 75.8%

Classification

CWE

CWE-89

Status draft

Affected Products (1)

articlefriendly/article_friendly

Timeline

Published Aug 13, 2008

Tracked Since Feb 18, 2026