CVE-2008-1272

CVE-2008-1272 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in BM Classifieds 20080309 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to showad.php and the (2) ad parameter to pfriendly.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.