CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0734

HIGH
7.5
CVSS Severity Score
EPSS Score0.0550%
EPSS Percentile31.12th
PublishedFeb 13, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

SQL injection vulnerability in class_auth.php in Limbo CMS 1.0.4.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the cuid cookie parameter to admin.php.

Affected Platforms (CPE)

πŸ“¦
Limbo Cms

Limbo Cms

<= 1.0.4.2

References & Advisories

πŸ”— http://www.securityfocus.com/bid/27710
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/40415
πŸ”— https://www.exploit-db.com/exploits/5088
πŸ”— http://www.securityfocus.com/bid/27710
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/40415
πŸ”— https://www.exploit-db.com/exploits/5088

Related Vulnerabilities

CVE-2006-486010.0

Multiple unspecified vulnerabilities in (1) index.php, (2) minixml.inc.php, (3) doc.inc.php, (4) element.inc.php, (5) node.inc.php...

CVE-2006-48597.5

Unrestricted file upload vulnerability in contact.html.php in the Contact (com_contact) component in Limbo (aka Lite Mambo) CMS 1....

CVE-2005-43187.5

SQL injection vulnerability in index.php in Limbo CMS 1.0.4.2 and earlier, with register_globals off, allows remote attackers to e...

CVE-2006-16627.5

The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary PHP commands via the Itemid par...