exploitDog

CVE-2009-3529

Опубликовано: 02 окт. 2009

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action, a different vector than CVE-2005-1074.

Ссылки

http://secunia.com/advisories/35827
Vendor Advisory
http://www.exploit-db.com/exploits/9194
http://secunia.com/advisories/35827
Vendor Advisory
http://www.exploit-db.com/exploits/9194

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:radscripts:radbids:4:*:gold:*:*:*:*:*

EPSS

Процентиль: 46%

0.00233

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-52p4-92p5-7qfq

github

почти 4 года назад

SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action, a different vector than CVE-2005-1074.

EPSS

Процентиль: 46%

0.00233

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-89