CVE-2008-2529

Description

SQL injection vulnerability in read.php in Advanced Links Management (ALM) 1.5.2 allows remote attackers to execute arbitrary SQL commands via the catId parameter.

Affected products

• advanced_links_management / advanced_links_management1.5.2 – 1.5.2

References

• EXPLOIThttps://www.exploit-db.com/exploits/5581
• MISChttp://www.securityfocus.com/bid/29137
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/42320