CVE-2008-5955

Wbstreet 1.0 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in show.php in Wbstreet (aka PHPSTREET Webboard) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED

by CWH Underground · textwebappsphp

https://www.exploit-db.com/exploits/7337

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by CWH Underground · textwebappsphp

https://www.exploit-db.com/exploits/32642

View Code ZIP pw:eip

References (4)

[Exploit] http://www.securityfocus.com/bid/32635

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/7337

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/47073

[Third Party Advisory] http://secunia.com/advisories/32994

Scores

EPSS 0.0043

EPSS Percentile 61.8%

Classification

CWE

CWE-89

Status draft

Affected Products (1)

phpstreet/webboard

Timeline

Published Jan 23, 2009

Tracked Since Feb 18, 2026