Unrated severityNVD Advisory· Published Feb 20, 2009· Updated Apr 23, 2026

CVE-2008-6220

Description

SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the pass parameter.

Affected products

Cafuego/Simple Document Management System2 versions
cpe:2.3:a:cafuego:simple_document_management_system:1.1.4:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cafuego:simple_document_management_system:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:cafuego:simple_document_management_system:1.1.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/32502nvdVendor Advisory
www.securityfocus.com/bid/32114nvd
exchange.xforce.ibmcloud.com/vulnerabilities/46342nvd
www.exploit-db.com/exploits/6987nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000