CVE-2008-6230

Preprojects Pre Podcast Portal - SQL Injection

Title source: rule

Description

SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by G4N0K · textwebappsphp

https://www.exploit-db.com/exploits/6997

View Code ZIP pw:eip

References (5)

Core 5

Core References

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/3016

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/32563

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/6997

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/32124

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/46386

Scores

EPSS 0.0051

EPSS Percentile 66.5%

Details

CWE

CWE-89

Status published

Products (1)

preprojects/pre_podcast_portal

Published Feb 20, 2009

Tracked Since Feb 18, 2026