ID CVE-2009-1245 Type cve Reporter NVD Modified 2017-08-16T21:30:15
Description
Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. NOTE: some of these details are obtained from third party information.
{"id": "CVE-2009-1245", "bulletinFamily": "NVD", "title": "CVE-2009-1245", "description": "Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. NOTE: some of these details are obtained from third party information.", "published": "2009-04-06T12:30:00", "modified": "2017-08-16T21:30:15", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1245", "reporter": "NVD", "references": ["http://sourceforge.net/project/shownotes.php?release_id=670960", "http://www.securityfocus.com/bid/34264", "http://jcsfog.cvs.sourceforge.net/viewvc/jcsfog/CCCP-Pastebin/php/cccp-admin/inc/functions.php?r1=1.10&r2=1.11", "https://exchange.xforce.ibmcloud.com/vulnerabilities/49426"], "cvelist": ["CVE-2009-1245"], "type": "cve", "lastseen": "2017-08-17T11:14:17", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.70", "cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.60", "cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.40", "cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.30", "cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.50", "cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.10", "cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.20"], "cvelist": ["CVE-2009-1245"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. NOTE: some of these details are obtained from third party information.", "edition": 1, "enchantments": {}, "hash": "8225ec6b8a466a3a41cb1cd29ebfb4365cc44c0dae7b7da26df1c029e48c24ad", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "745e17a3e111d36cf9ec2b128946c260", "key": "references"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "f8036fc542c216341a79f857fef5ad70", "key": "description"}, {"hash": "a094b89463f043bf4c44adfe2c587de2", "key": "published"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "1fd0fd1bee39254385f787c6ab0d2b50", "key": "title"}, {"hash": "ed9e4f5ac10db3ec0c79c9778c46e976", "key": "modified"}, {"hash": "466d448fb192e50c7859d4d17246739a", "key": "cpe"}, {"hash": "d23df572f60c57771a83da49d7555dd7", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "d77f852bd848e737223656ea5c33ecc6", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1245", "id": "CVE-2009-1245", "lastseen": "2016-09-03T12:17:00", "modified": "2009-04-06T00:00:00", "objectVersion": "1.2", "published": "2009-04-06T12:30:00", "references": ["http://sourceforge.net/project/shownotes.php?release_id=670960", "http://xforce.iss.net/xforce/xfdb/49426", "http://www.securityfocus.com/bid/34264", "http://jcsfog.cvs.sourceforge.net/viewvc/jcsfog/CCCP-Pastebin/php/cccp-admin/inc/functions.php?r1=1.10&r2=1.11"], "reporter": "NVD", "scanner": [], "title": "CVE-2009-1245", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T12:17:00"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "466d448fb192e50c7859d4d17246739a"}, {"key": "cvelist", "hash": "d23df572f60c57771a83da49d7555dd7"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "f8036fc542c216341a79f857fef5ad70"}, {"key": "href", "hash": "d77f852bd848e737223656ea5c33ecc6"}, {"key": "modified", "hash": "d9f82f558c5a69b507a37a6747d095b8"}, {"key": "published", "hash": "a094b89463f043bf4c44adfe2c587de2"}, {"key": "references", "hash": "320754767c5c7a644112261ca03c468d"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "1fd0fd1bee39254385f787c6ab0d2b50"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "a18b279ba8513a552e7e61e10a0d959f6af2b79d0ffa08a99da2c458c2180446", "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2017-08-17T11:14:17"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "cpe": ["cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.70", "cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.60", "cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.40", "cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.30", "cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.50", "cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.10", "cpe:/a:cccp-common-clan-portal-pasterbin:cccp_pastebin:2.20"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
