CVE-2008-1613 Information

Description

SQL injection vulnerability in ioRD.asp in RedDot CMS 7.5 Build 7.5.0.48 and possibly other versions including 6.5 and 7.0 allows remote attackers to execute arbitrary SQL commands via the LngId parameter.

Reference

http://secunia.com/advisories/29843 http://www.irmplc.com/index.php/167-Advisory-026 http://www.securityfocus.com/archive/1/491139/100/0/threaded http://www.securityfocus.com/bid/28872 https://exchange.xforce.ibmcloud.com/vulnerabilities/41924 https://www.exploit-db.com/exploits/5482