CVE-2008-4711

CVE-2008-4711 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

SQL injection vulnerability in Joovili 3.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.blog.php, (2) view.event.php, (3) view.group.php, (4) view.music.php, (5) view.picture.php, and (6) view.video.php.

Learn more about our Web Application Penetration Testing UK.