Unrated severityNVD Advisory· Published Apr 22, 2008· Updated Apr 23, 2026

CVE-2008-1613

Description

SQL injection vulnerability in ioRD.asp in RedDot CMS 7.5 Build 7.5.0.48, and possibly other versions including 6.5 and 7.0, allows remote attackers to execute arbitrary SQL commands via the LngId parameter.

Affected products

Reddot/CMS3 versions
cpe:2.3:a:reddot:cms:6.5:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:reddot:cms:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:reddot:cms:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:reddot:cms:7.5:build_7.5.0.48:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/29843nvd
www.irmplc.com/index.php/167-Advisory-026nvd
www.securityfocus.com/archive/1/491139/100/0/threadednvd
www.securityfocus.com/bid/28872nvd
exchange.xforce.ibmcloud.com/vulnerabilities/41924nvd
www.exploit-db.com/exploits/5482nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000