Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4074


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-4074
Last Modified 29 Jan 2009 01:55:23
Published 15 Sep 2008 11:14:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

Vulnerable Systems


  • Zanfi Solutions Autodealers Cms Autonline


XF - autodealerscms-id-sql-injection(45200)

XF - autodealerscms-index-sql-injection(45049)

BID - 31137

MILW0RM - 6433

SREASON - 4247

Last Updated: 27 May 2016 10:48:22