cpe:/a:topper:toppermod:2.0 CVE-2008-1554 2008-03-31T13:44:00.000-04:00 2017-09-28T21:30:46.253-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-04-01T09:28:00.000-04:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20080327 TopperMod 2.0 Remote SQL Injection Vulnerability BID 28447 EXPLOIT-DB 5311 XF toppermod-mod-sql-injection(41441) SQL injection vulnerability in account/index.php in TopperMod 2.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a non-alphanumeric first character the localita parameter, which bypasses a protection mechanism.