CVE-2008-4889
Dev!l's Clanportal < 1.4.9.6 - SQL Injection
Title source: ruleDescription
SQL injection vulnerability in index.php in deV!L'z Clanportal (DZCP) 1.4.9.6 and earlier allows remote attackers to execute arbitrary SQL commands via the users parameter in an addbuddy operation in a buddys action.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by anonymous · perlwebappsphp
https://www.exploit-db.com/exploits/6961
References (7)
Scores
EPSS
0.0100
EPSS Percentile
77.0%
Details
CWE
CWE-89
Status
published
Products (3)
dev\!l\'s/clanportal
1.2.5
dev\!l\'s/clanportal
1.3.6
dev\!l\'s/clanportal
< 1.4.9.6
Published
Nov 04, 2008
Tracked Since
Feb 18, 2026