cpe:/a:digiappz:digiaffiliate:1.4 CVE-2008-6487 2009-03-18T11:30:00.390-04:00 2017-09-28T21:33:12.027-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-03-19T09:25:00.000-04:00 BID 32217 EXPLOIT-DB 7067 VUPEN ADV-2008-3068 XF digiaffiliate-login-sql-injection(46500) Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields.