CVE-2008-6381

Publication date

2009-03-02 19:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter.