Unrated severityNVD Advisory· Published Mar 20, 2008· Updated Jun 16, 2026
CVE-2008-1398
CVE-2008-1398
Description
SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.