cpe:/a:myiosoft:easybookmarker:4.0 CVE-2008-5652 2008-12-17T13:30:01.250-05:00 2017-09-28T21:32:43.790-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-12-18T09:10:00.000-05:00 ALLOWS_OTHER_ACCESS BID 32199 SECUNIA 32673 SREASON 4770 OSVDB 49701 EXPLOIT-DB 7045 VUPEN ADV-2008-3075 XF easybookmarker-username-sql-injection(46447) SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information.