Unrated severityNVD Advisory· Published Sep 30, 2008· Updated Apr 23, 2026
CVE-2008-4364
CVE-2008-4364
Description
SQL injection vulnerability in default.aspx in ParsaGostar ParsaWeb CMS allows remote attackers to execute arbitrary SQL commands via the (1) id parameter in the "page" page and (2) txtSearch parameter in the "Search" page.
Affected products
1- cpe:2.3:a:parsagostar:parsaweb_cms:*:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6News mentions
0No linked articles in our index yet.