CVE-2008-6381 Information

Description

SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13 and possibly earlier allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter.

Reference

http://osvdb.org/50373 http://secunia.com/advisories/32870 http://www.securityfocus.com/bid/32561 https://exchange.xforce.ibmcloud.com/vulnerabilities/46973 https://www.exploit-db.com/exploits/7317