← back
CVE-2008-2679

CVE-2008-2679

EPSS 1.0%
SQL injection vulnerability in the KeyWordsList function in _includes/inc_routines.asp in Realm CMS 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the kwrd parameter in a kwl action to the default URI.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/5766unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://bugreport.ir/index.php?/40http://secunia.com/advisories/30583https://exchange.xforce.ibmcloud.com/vulnerabilities/42952https://www.exploit-db.com/exploits/5766http://www.securityfocus.com/bid/29616