cpe:/a:rwscripts.com:rw_download_lite:2.0.3 CVE-2007-4845 2007-09-12T16:17:00.000-04:00 2017-09-28T21:29:24.377-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-09-13T16:04:00.000-04:00 ALLOWS_OTHER_ACCESS BID 25589 OSVDB 37077 EXPLOIT-DB 4371 Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Download 2.0.3 lite allow remote attackers to execute arbitrary SQL commands via the (1) dlid or (2) cid parameter.