Lucene search
MitreCVE-2009-2926HistoryAug 21, 2009 - 8:30 p.m.
CVE-2009-2926
2009-08-2120:30:00
CWE-89
mitre
web.nvd.nist.gov
25
php
competition system
sql injection
remote attack
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.001
Percentile
43.7%
Multiple SQL injection vulnerabilities in PHP Competition System BETA 0.84 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) day parameter to show_matchs.php and (2) pageno parameter to persons.php.
Affected configurations
Node
phpcompet.freephp_competition_systemMatch0.84betafr
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpcompet.free | php_competition_system | 0.84 | cpe:2.3:a:phpcompet.free:php_competition_system:0.84:beta:*:fr:*:*:*:* |
Related
prion
prion
Sql injection
2009-08-21 20:30:00
cvelist
cvelist
CVE-2009-2926
2009-08-21 20:21:00
nvd
nvd
CVE-2009-2926
2009-08-21 20:30:00
exploitdb
exploitdb
PHP Competition System 0.84 - 'competition' SQL Injection
2009-08-14 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.001
Percentile
43.7%
Related for CVE-2009-2926