Unrated severityNVD Advisory· Published Feb 21, 2009· Updated Apr 23, 2026

CVE-2008-6236

Description

SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected products

Cafuego/Simple Document Management System2 versions
cpe:2.3:a:cafuego:simple_document_management_system:1.1.4:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cafuego:simple_document_management_system:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:cafuego:simple_document_management_system:1.1.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/32114nvdExploit
secunia.com/advisories/32502nvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/46342nvd
exchange.xforce.ibmcloud.com/vulnerabilities/48944nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000