CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-2921

Multiple SQL injection vulnerabilities in login.php in MOC Designs PHP News 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) newsuser parameter (User field) and (2) newspassword parameter (Password field).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.9%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.exploit-db.com/exploits/9353
http://www.vupen.com/english/advisories/2009/2161
https://exchange.xforce.ibmcloud.com/vulnerabilities/52231
http://www.exploit-db.com/exploits/9353
http://www.vupen.com/english/advisories/2009/2161
https://exchange.xforce.ibmcloud.com/vulnerabilities/52231

Products affected by CVE-2009-2921

Mocdesigns » Php News » Version: 1.1

cpe:2.3:a:mocdesigns:php_news:1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2921

Products

Pricing

Contact Us