Unrated severityNVD Advisory· Published Jan 23, 2008· Updated Apr 23, 2026

CVE-2008-0397

Description

Multiple SQL injection vulnerabilities in aflog 1.01, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to comments.php and (2) an unspecified parameter to view.php.

Affected products

Aflog.org/Aflog
cpe:2.3:a:aflog.org:aflog:1.01:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/28594nvd
www.securityfocus.com/bid/27398nvd
www.vupen.com/english/advisories/2008/0255nvd
exchange.xforce.ibmcloud.com/vulnerabilities/39825nvd
www.exploit-db.com/exploits/4958nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000