cpe:/a:precoc:precms:1.0 CVE-2008-3254 2008-07-22T12:41:00.000-04:00 2017-09-28T21:31:36.053-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-07-23T11:40:00.000-04:00 BID 30278 SECUNIA 31138 EXPLOIT-DB 6096 XF precms-index-sql-injection(43882) SQL injection vulnerability in index.php in preCMS 1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a UserProfil action.