Vulnerability Details CVE-2009-2786
SQL injection vulnerability in reputation.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and earlier for PunBB allows remote attackers to execute arbitrary SQL commands via the poster parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/56612
- http://secunia.com/advisories/36020
- http://www.exploit-db.com/exploits/9289
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52088
- http://osvdb.org/56612
- http://secunia.com/advisories/36020
- http://www.exploit-db.com/exploits/9289
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52088
Products affected by CVE-2009-2786
-
cpe:2.3:a:punbb:punbb:*
-
cpe:2.3:a:reputation:reputation:*
-
cpe:2.3:a:reputation:reputation:2.0.4
-
cpe:2.3:a:reputation:reputation:2.2.3