Vulnerability Details CVE-2009-0428
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://dmxready.helpserve.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=93
- http://dmxready.helpserve.com/index.php?_m=news&_a=viewnews&newsid=12
- http://secunia.com/advisories/33482
- http://www.securityfocus.com/bid/33253
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48013
- https://www.exploit-db.com/exploits/7787
- http://dmxready.helpserve.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=93
- http://dmxready.helpserve.com/index.php?_m=news&_a=viewnews&newsid=12
- http://secunia.com/advisories/33482
- http://www.securityfocus.com/bid/33253
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48013
- https://www.exploit-db.com/exploits/7787
Products affected by CVE-2009-0428
-
cpe:2.3:a:dmxready:secure_document_library:*
-
cpe:2.3:a:dmxready:secure_document_library:1.0