CVE-2009-2590

Опубликовано: 24 июл. 2009

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in showcategory.php in Hutscripts PHP Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.

Ссылки

http://osvdb.org/56175
http://packetstormsecurity.org/0907-exploits/hutscript-sqlxss.txt
Exploit
http://secunia.com/advisories/35893
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1978
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/51913
http://osvdb.org/56175
http://packetstormsecurity.org/0907-exploits/hutscript-sqlxss.txt
Exploit
http://secunia.com/advisories/35893
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1978
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/51913

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:resalecode:hutscripts_php_website_script:-:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00429

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-226c-wpq4-r9cj

github

около 3 лет назад