Lucene search
MitreCVE-2009-1851HistoryJun 01, 2009 - 7:30 p.m.
CVE-2009-1851
2009-06-0119:30:00
CWE-89
mitre
web.nvd.nist.gov
25
sql injection
include.php
phpbugtracker
remote attackers
nvd
cve-2009-1851
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.001
Percentile
47.9%
SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Affected configurations
Node
benjamin_curtisphpbugtrackerRange≤1.0.4
ORbenjamin_curtisphpbugtrackerMatch0.1.0
ORbenjamin_curtisphpbugtrackerMatch0.1.1
ORbenjamin_curtisphpbugtrackerMatch0.1.2
ORbenjamin_curtisphpbugtrackerMatch0.1.3
ORbenjamin_curtisphpbugtrackerMatch0.1.4
ORbenjamin_curtisphpbugtrackerMatch0.1.5
ORbenjamin_curtisphpbugtrackerMatch0.1.6
ORbenjamin_curtisphpbugtrackerMatch0.1.7
ORbenjamin_curtisphpbugtrackerMatch0.2.0
ORbenjamin_curtisphpbugtrackerMatch0.2.1
ORbenjamin_curtisphpbugtrackerMatch0.3.0
ORbenjamin_curtisphpbugtrackerMatch0.3.1
ORbenjamin_curtisphpbugtrackerMatch0.3.2
ORbenjamin_curtisphpbugtrackerMatch0.3.3
ORbenjamin_curtisphpbugtrackerMatch0.4.0
ORbenjamin_curtisphpbugtrackerMatch0.5.0
ORbenjamin_curtisphpbugtrackerMatch0.5.1
ORbenjamin_curtisphpbugtrackerMatch0.6.0
ORbenjamin_curtisphpbugtrackerMatch0.6.1
ORbenjamin_curtisphpbugtrackerMatch0.6.2
ORbenjamin_curtisphpbugtrackerMatch0.7.0
ORbenjamin_curtisphpbugtrackerMatch0.7.1
ORbenjamin_curtisphpbugtrackerMatch0.7.2
ORbenjamin_curtisphpbugtrackerMatch0.8.0
ORbenjamin_curtisphpbugtrackerMatch0.8.1
ORbenjamin_curtisphpbugtrackerMatch0.8.2
ORbenjamin_curtisphpbugtrackerMatch0.9.0
ORbenjamin_curtisphpbugtrackerMatch0.9.1
ORbenjamin_curtisphpbugtrackerMatch1.0
ORbenjamin_curtisphpbugtrackerMatch1.0.1
ORbenjamin_curtisphpbugtrackerMatch1.0.3
ORbenjamin_curtisphpbugtrackerMatch1.xdev1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| benjamin_curtis | phpbugtracker | * | cpe:2.3:a:benjamin_curtis:phpbugtracker:*:*:*:*:*:*:*:* |
| benjamin_curtis | phpbugtracker | 0.1.0 | cpe:2.3:a:benjamin_curtis:phpbugtracker:0.1.0:*:*:*:*:*:*:* |
| benjamin_curtis | phpbugtracker | 0.1.1 | cpe:2.3:a:benjamin_curtis:phpbugtracker:0.1.1:*:*:*:*:*:*:* |
| benjamin_curtis | phpbugtracker | 0.1.2 | cpe:2.3:a:benjamin_curtis:phpbugtracker:0.1.2:*:*:*:*:*:*:* |
| benjamin_curtis | phpbugtracker | 0.1.3 | cpe:2.3:a:benjamin_curtis:phpbugtracker:0.1.3:*:*:*:*:*:*:* |
| benjamin_curtis | phpbugtracker | 0.1.4 | cpe:2.3:a:benjamin_curtis:phpbugtracker:0.1.4:*:*:*:*:*:*:* |
| benjamin_curtis | phpbugtracker | 0.1.5 | cpe:2.3:a:benjamin_curtis:phpbugtracker:0.1.5:*:*:*:*:*:*:* |
| benjamin_curtis | phpbugtracker | 0.1.6 | cpe:2.3:a:benjamin_curtis:phpbugtracker:0.1.6:*:*:*:*:*:*:* |
| benjamin_curtis | phpbugtracker | 0.1.7 | cpe:2.3:a:benjamin_curtis:phpbugtracker:0.1.7:*:*:*:*:*:*:* |
| benjamin_curtis | phpbugtracker | 0.2.0 | cpe:2.3:a:benjamin_curtis:phpbugtracker:0.2.0:*:*:*:*:*:*:* |
Related
openvas
openvas
phpBugTracker 'include.php' SQL Injection Vulnerability
2009-06-01 00:00:00
phpBugTracker <= 1.0.4 SQLi Vulnerability
2009-06-01 00:00:00
prion
prion
Sql injection
2009-06-01 19:30:00
nvd
nvd
CVE-2009-1851
2009-06-01 19:30:00
cvelist
cvelist
CVE-2009-1851
2009-06-01 19:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.001
Percentile
47.9%
Related for CVE-2009-1851