CVE-2008-1404 Information

Description

SQL injection vulnerability in index.php in the Viso (Industry Book) 2.04 and 2.03 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the kid parameter.

Reference

http://secunia.com/advisories/29389 http://www.securityfocus.com/bid/28255 https://exchange.xforce.ibmcloud.com/vulnerabilities/41216 https://www.exploit-db.com/exploits/5254