CVE-2008-3089 Information

Description

SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter.

Reference

http://secunia.com/advisories/30926 http://www.securityfocus.com/bid/30101 https://exchange.xforce.ibmcloud.com/vulnerabilities/43607 https://www.exploit-db.com/exploits/6010