CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-0458

Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Ware Support 1.x allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of these details are obtained from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.2%

CVSS Severity

CVSS v2 Score 7.5

References

http://osvdb.org/51733
http://secunia.com/advisories/33777
http://www.securityfocus.com/bid/33564
https://www.exploit-db.com/exploits/7940
http://osvdb.org/51733
http://secunia.com/advisories/33777
http://www.securityfocus.com/bid/33564
https://www.exploit-db.com/exploits/7940

Products affected by CVE-2009-0458

Wholehogsoftware » Ware Support » Version: 1.0

cpe:2.3:a:wholehogsoftware:ware_support:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0458

Products

Pricing

Contact Us