cpe:/a:cfmsource:cf_forum:- CVE-2008-6324 2009-02-27T06:30:00.500-05:00 2017-09-28T21:33:06.447-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-02-27T13:15:00.000-05:00 ALLOWS_OTHER_ACCESS BID 32767 SECUNIA 33064 EXPLOIT-DB 7416 SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.