CVE-2008-6391

Nexusjnr Jbook - SQL Injection

Title source: rule

Description

SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the username (user parameter).

Exploits (1)

exploitdb WRITEUP VERIFIED
by Pouya_Server · textwebappsasp
https://www.exploit-db.com/exploits/32635

References (1)

Scores

EPSS 0.0039
EPSS Percentile 59.8%

Classification

CWE
CWE-89
Status draft

Affected Products (1)

nexusjnr/jbook

Timeline

Published Mar 02, 2009
Tracked Since Feb 18, 2026