CyberSec.Space Logo
Back to CVE Browser

CVE-2008-4074

HIGH
7.5
CVSS Severity Score
EPSS Score0.0020%
EPSS Percentile25.62th
PublishedSep 15, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

Affected Platforms (CPE)

πŸ“¦
Zanfi Solutions

Autodealers Cms Autonline

All versions

References & Advisories

πŸ”— http://securityreason.com/securityalert/4247
πŸ”— http://www.securityfocus.com/bid/31137
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/45049
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/45200
πŸ”— https://www.exploit-db.com/exploits/6433
πŸ”— http://securityreason.com/securityalert/4247
πŸ”— http://www.securityfocus.com/bid/31137
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/45049

Related Vulnerabilities

CVE-2008-40737.5

SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL comma...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...