cpe:/a:cogites:e_reserve:2.1 CVE-2008-1975 2008-04-27T15:05:00.000-04:00 2017-09-28T21:30:58.363-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-04-28T11:15:00.000-04:00 ALLOWS_OTHER_ACCESS BID 28899 SECUNIA 29914 EXPLOIT-DB 5487 VUPEN ADV-2008-1345 XF ereserv-idloc-sql-injection(41970) SQL injection vulnerability in index.php in E-RESERV 2.1 allows remote attackers to execute arbitrary SQL commands via the ID_loc parameter.