Unrated severityNVD Advisory· Published Aug 15, 2008· Updated Jun 16, 2026
CVE-2008-3701
CVE-2008-3701
Description
SQL injection vulnerability in staff/index.php in Kayako SupportSuite 3.20.02 and earlier allows remote authenticated users to execute arbitrary SQL commands via the customfieldlinkid parameter in a delcflink action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:kayako:supportsuite:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:kayako:supportsuite:*:*:*:*:*:*:*:*range: <=3.20.02
- cpe:2.3:a:kayako:supportsuite:3.10.00:*:*:*:*:*:*:*
- cpe:2.3:a:kayako:supportsuite:3.10.02:*:*:*:*:*:*:*
- cpe:2.3:a:kayako:supportsuite:3.11.00:*:*:*:*:*:*:*
- cpe:2.3:a:kayako:supportsuite:3.11.01:*:*:*:*:*:*:*
- (no CPE)range: <=3.20.02
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.