CyberSec.Space Logo
CVEブラウザに戻る

CVE-2008-4073

HIGH
7.5
CVSS Severity Score
EPSS Score0.0670%
EPSS Percentile13.68th
Published2008年9月15日
Last Modified2026年4月23日

Vulnerability Description

SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a DBpAGE action.

Affected Platforms (CPE)

📦
Zanfi Solutions

Autodealers Cms Autonline

All versions

References & Advisories

🔗 http://securityreason.com/securityalert/4248
🔗 http://www.securityfocus.com/bid/31120
🔗 http://www.vupen.com/english/advisories/2008/2551
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/45049
🔗 https://www.exploit-db.com/exploits/6426
🔗 http://securityreason.com/securityalert/4248
🔗 http://www.securityfocus.com/bid/31120
🔗 http://www.vupen.com/english/advisories/2008/2551

関連する脆弱性情報

CVE-2008-40747.5

SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL comma...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...