Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2096


Vulnerability Score 6.8 6.8
CVE Id CVE-2008-2096
Last Modified 29 Jan 2009 01:49:13
Published 07 May 2008 03:20:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php.

Vulnerable Systems


  • Backlinkspider Backlink Spider


XF - backlinkspider-catid-sql-injection(42189)

BID - 29054

BUGTRAQ - 20080505 [ECHO_ADV_95$2008] BackLinkSpider (cat_id) Blind Sql Injection Vulnerability

MILW0RM - 5546

SREASON - 3857

Last Updated: 27 May 2016 10:47:45