Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6225


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6225
Last Modified 07 Mar 2011 10:15:55
Published 20 Feb 2009 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



** DISPUTED ** SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote attackers to execute arbitrary SQL commands via the flight parameter. NOTE: the vendor has disputed this issue, stating "crazy hackers and so named Security companies [spread] out such false informations. Such scripts or versions [do not] exist."

Vulnerable Systems


  • Mole-group Airline Ticket Sale Script -


XF - airlineticket-info-sql-injection(46383)

VUPEN - ADV-2008-3027

BID - 32138


MILW0RM - 7009

SECUNIA - 32577

OSVDB - 49694

Last Updated: 27 May 2016 10:49:06