Unrated severityNVD Advisory· Published Apr 6, 2009· Updated Jun 16, 2026
CVE-2008-6614
CVE-2008-6614
Description
Multiple SQL injection vulnerabilities in microcms-admin-login.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) allow remote attackers to execute arbitrary SQL commands via (1) the administrators_username parameter (aka the Username field) or (2) the administrators_pass parameter (aka the Password field).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:impliedbydesign:ibd_micro_cms:3.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:impliedbydesign:ibd_micro_cms:3.5:*:*:*:*:*:*:*
- (no CPE)range: 3.5
Patches
Vulnerability mechanics
References
8- www.securityfocus.com/bid/29159nvdExploit
- www.securityfocus.com/bid/29159/exploitnvdExploit
- archives.neohapsis.com/archives/fulldisclosure/2008-05/0344.htmlnvd
- osvdb.org/51298nvd
- wired-security.net/texts/advisories/IBD_Micro_CMS_3.5_SQL_Injection_Login_Bypass_Advisory.txtnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/42539nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/53272nvd
- www.exploit-db.com/exploits/9699nvd
News mentions
0No linked articles in our index yet.