CVE-2008-3250

Description

SQL injection vulnerability in index.php in Arctic Issue Tracker 2.0.0 allows remote attackers to execute arbitrary SQL commands via the filter parameter.

Affected products

• arctictracker / arctic_issue_tracker2.0.0 – 2.0.0

References

• MISChttp://securityreason.com/securityalert/4017
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/43872
• VENDOR_ADVISORYhttp://secunia.com/advisories/31139
• MISChttp://www.securityfocus.com/bid/30277
• EXPLOIThttps://www.exploit-db.com/exploits/6113
• EXPLOIThttps://www.exploit-db.com/exploits/6097