VYPR
Unrated severityNVD Advisory· Published Sep 24, 2008· Updated Jun 16, 2026

CVE-2008-4145

CVE-2008-4145

Description

SQL injection vulnerability in user_read_links.php in Addalink 1.0 beta 4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the category_id parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Addalink/Addalink2 versions
    cpe:2.3:a:addalink:addalink:*:beta4:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:addalink:addalink:*:beta4:*:*:*:*:*:*range: <=1.0
    • (no CPE)range: <=1.0 beta 4

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.