Lucene search

[email protected]CVE-2009-1731

HistoryMay 20, 2009 - 6:30 p.m.

CVE-2009-1731

2009-05-2018:30:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2009-1731

sql injection

security vulnerability

mlffat 2.1

remote attack

base64 encoding

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.5%

JSON

SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded supervisor cookie.

Affected configurations

NVD

Node

mlffatmlffatMatch2.1

CPENameOperatorVersion
mlffat:mlffatmlffateq2.1

CPE	Name	Operator	Version
mlffat:mlffat	mlffat	eq	2.1

References

securityreason.com/exploitalert/6198

www.sebug.net/exploit/11292/

www.securityfocus.com/bid/34982

www.vupen.com/english/advisories/2009/1308

exchange.xforce.ibmcloud.com/vulnerabilities/50526

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.5%

JSON

Related for CVE-2009-1731

prion2 cvelist2 nvd2 cve1