VYPR
Unrated severityNVD Advisory· Published Apr 2, 2008· Updated Jun 16, 2026

CVE-2008-1631

CVE-2008-1631

Description

SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter, related to the login form field in index.php.

Affected products

3
  • Cuteflow/Cuteflow3 versions
    cpe:2.3:a:emedia_office_gmbh:cuteflow:1.5.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:emedia_office_gmbh:cuteflow:1.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:emedia_office_gmbh:cuteflow:2.10.0:*:*:*:*:*:*:*
    • (no CPE)range: 1.5.0, 2.10.0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.