VYPR
Unrated severityNVD Advisory· Published Feb 25, 2009· Updated Jun 16, 2026

CVE-2008-6282

CVE-2008-6282

Description

SQL injection vulnerability in engine/users/users_edit_pub.inc in CMS Ortus 1.13 and earlier allows remote authenticated users to execute arbitrary SQL commands via the city parameter in a users_edit_pub action to index.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:ortus.nirn:cms_ortus:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:ortus.nirn:cms_ortus:*:*:*:*:*:*:*:*range: <=1.13
    • cpe:2.3:a:ortus.nirn:cms_ortus:1.10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ortus.nirn:cms_ortus:1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:ortus.nirn:cms_ortus:1.12:*:*:*:*:*:*:*
  • Range: <=1.13

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.