Aggregates CVE and security vulnerability intelligence across all cfmsource-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection, with potential vendor impact data exposure across vendor surface software deployment and vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-6324 | SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | [email protected] | 7.5 | 0.48% | 2009-02-27 | 2026-04-23 |
| CVE-2008-6323 | SQL injection vulnerability in forummessages.cfm in CFMSource CF_Auction allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | [email protected] | 7.5 | 0.36% | 2009-02-27 | 2026-04-23 |
| CVE-2008-6322 | SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | [email protected] | 7.5 | 0.48% | 2009-02-27 | 2026-04-23 |
| CVE-2008-6319 | SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter. | [email protected] | 7.5 | 0.48% | 2009-02-27 | 2026-04-23 |