CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-0711

filter.php in PHPFootball 1.6 and earlier allows remote attackers to retrieve password hashes via a request with an Accounts value for the dbtable parameter, in conjunction with a Password value for the dbfield parameter. NOTE: this has been reported as a SQL injection vulnerability by some sources, but the provenance of that information is unknown.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.9%

CVSS Severity

CVSS v2 Score 5.0

References

http://secunia.com/advisories/33367
http://www.osvdb.org/51102
https://www.exploit-db.com/exploits/7636
http://secunia.com/advisories/33367
http://www.osvdb.org/51102
https://www.exploit-db.com/exploits/7636

Products affected by CVE-2009-0711

Vlad Alexa Mancini » Phpfootball » Version: 1.5

cpe:2.3:a:vlad_alexa_mancini:phpfootball:1.5
Vlad Alexa Mancini » Phpfootball » Version: 1.6

cpe:2.3:a:vlad_alexa_mancini:phpfootball:1.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0711

Products

Pricing

Contact Us