CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4794

Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.2%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.securityfocus.com/archive/1/502276/100/0/threaded
http://www.securityfocus.com/bid/34303
http://www.securityfocus.com/archive/1/502276/100/0/threaded
http://www.securityfocus.com/bid/34303

Products affected by CVE-2009-4794

Community Cms » Community Cms » Version: 0.5

cpe:2.3:a:community_cms:community_cms:0.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4794

Products

Pricing

Contact Us