Vulnerability Details CVE-2009-3337
SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin before 3.09 for Serendipity (S9Y) allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.8%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2009-3337
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.103
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.105
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.41
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.42
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.43
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.44
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.45
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.47
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.48
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.5
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.51
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.64
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.70
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.88
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.95
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.96
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.97
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.0
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.01
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.03
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.04
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.05
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.06
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.07
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.08