CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4577

SQL injection vulnerability in the MDForum module 2.x through 2.07 for MAXdev MDPro allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.4%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/37748
http://www.maxdev.com/Article661.phtml
http://www.osvdb.org/61347
http://www.securityfocus.com/bid/37488
https://exchange.xforce.ibmcloud.com/vulnerabilities/55138
http://secunia.com/advisories/37748
http://www.maxdev.com/Article661.phtml
http://www.osvdb.org/61347
http://www.securityfocus.com/bid/37488
https://exchange.xforce.ibmcloud.com/vulnerabilities/55138

Products affected by CVE-2009-4577

Maxdev » Mdforum » Version: 2.0.1

cpe:2.3:a:maxdev:mdforum:2.0.1
Maxdev » Mdpro » Version: Any

cpe:2.3:a:maxdev:mdpro:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4577

Products

Pricing

Contact Us