CVE-2008-3507

critical

Description

SQL injection vulnerability in index.php in LiteNews 0.1 (aka 01), and possibly 1.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action.

References

https://www.exploit-db.com/exploits/6207

https://exchange.xforce.ibmcloud.com/vulnerabilities/44230

http://www.securityfocus.com/bid/30575

Details

Source: Mitre, NVD

Published: 2008-08-07

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00127

Detections

Analytics