CVE-2008-3245

Description

SQL injection vulnerability in phpHoo3.php in phpHoo3 4.3.9, 4.3.10, 4.4.8, and 5.2.6 allows remote attackers to execute arbitrary SQL commands via the viewCat parameter.

Affected products

• cable-modems / phphoo34.3.9 – 4.3.9
• cable-modems / phphoo34.3.10 – 4.3.10
• cable-modems / phphoo34.4.8 – 4.4.8
• cable-modems / phphoo35.2.6 – 5.2.6

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/31130
• MISChttp://www.securityfocus.com/bid/30271
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/43860
• EXPLOIThttps://www.exploit-db.com/exploits/6091