Unrated severityNVD Advisory· Published Sep 11, 2009· Updated Jun 16, 2026
CVE-2008-7208
CVE-2008-7208
Description
Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username parameter ($usernameb variable) to a_login.php or (2) user parameter to staff.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
10- sourceforge.net/forum/forum.phpnvdPatch
- www.bugreport.ir/index_26.htmnvdExploit
- www.securityfocus.com/bid/27158nvdExploit
- www.vupen.com/english/advisories/2008/0081nvdVendor Advisory
- osvdb.org/51057nvd
- osvdb.org/51058nvd
- www.securityfocus.com/archive/1/485837/100/200/threadednvd
- www.securityfocus.com/archive/1/487136/100/200/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/39482nvd
- www.exploit-db.com/exploits/4857nvd
News mentions
0No linked articles in our index yet.