Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6263


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6263
Last Modified 09 Jun 2009 01:30:29
Published 24 Feb 2009 01:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the username parameter to the _userLoggedIn function. NOTE: some of these details are obtained from third party information.

Vulnerable Systems


  • Infireal Saturncms -


XF - saturncms-tuser-sql-injection(48952)

XF - saturncms-username-sql-injection(46651)

BID - 32336

MILW0RM - 7147

SECUNIA - 32726

Last Updated: 27 May 2016 10:49:08