cpe:/a:hotscripts:ablespace:1.0 CVE-2008-2491 2008-05-28T11:32:00.000-04:00 2017-08-07T21:31:05.340-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-05-28T14:31:00.000-04:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20080525 Ablespace 1.0 'cat_id' Parameter SQL Injection Vulnerability BID 29369 XF ablespace-advcat-sql-injection(42635) SQL injection vulnerability in adv_cat.php in AbleSpace 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.