Vulnerability Details CVE-2009-4783
Multiple SQL injection vulnerabilities in Theeta CMS, possibly 0.01, allow remote attackers to execute arbitrary SQL commands via the start parameter to (1) forum.php and (2) thread.php in community/, and (3) blog/index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://packetstormsecurity.org/0912-exploits/theeta-sqlxss.txt
- http://secunia.com/advisories/37529
- http://www.securityfocus.com/archive/1/508148/100/0/threaded
- http://packetstormsecurity.org/0912-exploits/theeta-sqlxss.txt
- http://secunia.com/advisories/37529
- http://www.securityfocus.com/archive/1/508148/100/0/threaded
Products affected by CVE-2009-4783
-
cpe:2.3:a:mntechsolutions:theeta_cms:0.0
-
cpe:2.3:a:mntechsolutions:theeta_cms:0.01