VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 25, 2008· Updated Apr 23, 2026

CVE-2008-2843

CVE-2008-2843

Description

Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter in an USUB action to default.asp and the (2) Licence[SpecialLicenseNumber] (aka LicenceId) cookie to edit/default.asp.

Affected products

1
  • Doitlive/CMS
    cpe:2.3:a:doitlive:cms:*:*:*:*:*:*:*:*
    Range: <=2.50

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.