Unrated severityNVD Advisory· Published Mar 6, 2009· Updated Apr 23, 2026

CVE-2008-6434

Description

SQL injection vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to execute arbitrary SQL commands via the LinkServID parameter.

Affected products

Blueriver/Sava CMS
cpe:2.3:a:blueriver:sava_cms:*:*:*:*:*:*:*:*
Range: <=5.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/30367nvdVendor Advisory
holisticinfosec.org/content/view/67/45/nvd
osvdb.org/45616nvd
www.securityfocus.com/bid/29346nvd
exchange.xforce.ibmcloud.com/vulnerabilities/49225nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000