cpe:/a:vblogix:tutorial_script:1.0 CVE-2008-4350 2008-09-30T14:15:08.703-04:00 2017-09-28T21:32:07.460-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-10-01T10:36:00.000-04:00 ALLOWS_OTHER_ACCESS BID 31157 SECUNIA 31829 OSVDB 48107 EXPLOIT-DB 6446 VUPEN ADV-2008-2563 XF vblogixtutorials-main-sql-injection(45108) SQL injection vulnerability in main.php in vbLOGIX Tutorial Script 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.