Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7085


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-7085
Last Modified 26 Aug 2009 12:00:00
Published 26 Aug 2009 10:24:16
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Multiple SQL injection vulnerabilities in TheHockeyStop HockeySTATS Online 2.0 Basic and Advanced allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in the viewpage action to the default URI, probably index.php, or (2) divid parameter in the schedule action to index.php.

Vulnerable Systems


  • Thehockeystop Hockeystats Online 2.0


XF - hockeystats-online-index-sql-injection(43852)

BID - 30248

MILW0RM - 6084

Last Updated: 27 May 2016 10:49:28