cpe:/a:bcoos:bcoos:1.0.9 cpe:/a:bcoos:bcoos:1.0.10 cpe:/a:bcoos:bcoos:1.0.11 cpe:/a:bcoos:bcoos:1.0.12 cpe:/a:bcoos:bcoos:1.0.13 CVE-2008-6381 2009-03-02T14:30:00.517-05:00 2017-09-28T21:33:08.777-04:00 4.6 NETWORK HIGH SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-03-03T10:23:00.000-05:00 ALLOWS_OTHER_ACCESS BID 32561 SECUNIA 32870 OSVDB 50373 EXPLOIT-DB 7317 XF bcoos-viewcat-sql-injection(46973) SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter.