CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-2164

Multiple SQL injection vulnerabilities in Kjtechforce mailman beta1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the code parameter to activate.php or (2) the dest parameter to index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.0%

CVSS Severity

CVSS v2 Score 6.8

References

http://www.securityfocus.com/archive/1/504136/100/0/threaded
https://www.exploit-db.com/exploits/8884
https://www.exploit-db.com/exploits/8885
http://www.securityfocus.com/archive/1/504136/100/0/threaded
https://www.exploit-db.com/exploits/8884
https://www.exploit-db.com/exploits/8885

Products affected by CVE-2009-2164

Kjtechforce » Mailman » Version: beta1

cpe:2.3:a:kjtechforce:mailman:beta1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2164

Products

Pricing

Contact Us