Vulnerabilities > Drake Team > Drake CMS > 0.2

DATE	CVE	VULNERABILITY TITLE	RISK
2009-03-16	CVE-2008-6475	SQL Injection vulnerability in Drake Team Drake CMS 0.2 SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake CMS 0.4.11 and earlier allows remote attackers to execute arbitrary SQL commands via the Via HTTP header (HTTP_VIA) to index.php. network low complexity drake-team CWE-89	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.