CVE-2008-4371

AvailScript Article Script - SQL Injection via aIDS Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-4371. PoCs published by sl4xUz.

AI-analyzed exploit summary The provided code is a writeup detailing SQL injection and XSS vulnerabilities in Availscript Article Script. It includes PoC URLs but no executable exploit code.

Description

SQL injection vulnerability in articles.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the aIDS parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by sl4xUz · textwebappsphp
https://www.exploit-db.com/exploits/6409

The provided code is a writeup detailing SQL injection and XSS vulnerabilities in Availscript Article Script. It includes PoC URLs but no executable exploit code.

Classification
Writeup 90%
Attack Type
Sqli | Xss
Complexity
Trivial
Reliability
Theoretical
Target: Availscript Article Script (version not specified)
No auth needed
Prerequisites: access to the vulnerable articles.php endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45019
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31095
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/6409
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4331
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31816

Scores

EPSS 0.0100
EPSS Percentile 58.1%

Details

CWE
CWE-89
Status published
Products (1)
availscript/availscript_article_script
Published Oct 01, 2008
Tracked Since Feb 18, 2026