CVE-2008-5851

My PBS - SQL Injection

Title source: llm

Description

SQL injection vulnerability in index.php in My PHP Baseball Stats (MyPBS) allows remote attackers to execute arbitrary SQL commands via the seasonID parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Piker · perlwebappsphp
https://www.exploit-db.com/exploits/7522

References (4)

Scores

EPSS 0.0029
EPSS Percentile 52.3%

Details

CWE
CWE-89
Status published
Products (1)
mypbs/mypbs _nil_
Published Jan 06, 2009
Tracked Since Feb 18, 2026