cpe:/a:predictionfootball:predictionfootball:1 CVE-2008-1732 2008-04-11T15:05:00.000-04:00 2017-09-28T21:30:50.847-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-04-14T09:48:00.000-04:00 ALLOWS_OTHER_ACCESS BID 28704 EXPLOIT-DB 5410 VUPEN ADV-2008-1160 XF predictionfootball-matchid-sql-injection(41728) SQL injection vulnerability in showpredictionsformatch.php in Prediction Football 1.x allows remote attackers to execute arbitrary SQL commands via the matchid parameter in a dupa action.