cpe:/a:haudenschilt:battlenet_clan_script:1.5.1 cpe:/a:haudenschilt:battlenet_clan_script:1.5.2 cpe:/a:haudenschilt:battlenet_clan_script:1.5.3 CVE-2008-2522 2008-06-03T11:32:00.000-04:00 2017-09-28T21:31:12.270-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-06-04T09:39:00.000-04:00 ALLOWS_OTHER_ACCESS BID 29166 SECUNIA 30211 EXPLOIT-DB 5597 XF battlenetclanscript-members-sql-injection(42354) SQL injection vulnerability in members.php in Battle.net Clan Script for PHP 1.5.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showmember parameter in a members action.