cpe:/a:kolifa:download_script:1.2 CVE-2008-4054 2008-09-11T17:06:48.133-04:00 2017-09-28T21:31:57.460-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-09-12T12:42:00.000-04:00 ALLOWS_OTHER_ACCESS BID 30839 SECUNIA 31621 SREASON 4235 EXPLOIT-DB 6310 XF kds-indir-sql-injection(44698) SQL injection vulnerability in indir.php in Kolifa.net Download Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.