CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-2618

SQL injection vulnerability in the Surveys (aka NS-Polls) module in MDPro (MD-Pro) 1.083.x allows remote attackers to execute arbitrary SQL commands via the pollID parameter in a results action to modules.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.2%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.exploit-db.com/exploits/9021
http://www.securityfocus.com/bid/35495
https://exchange.xforce.ibmcloud.com/vulnerabilities/51385
http://www.exploit-db.com/exploits/9021
http://www.securityfocus.com/bid/35495
https://exchange.xforce.ibmcloud.com/vulnerabilities/51385

Products affected by CVE-2009-2618

Maxdev » Mdpro » Version: 1.083

cpe:2.3:a:maxdev:mdpro:1.083

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2618

Products

Pricing

Contact Us