Lucene search
MitreCVE-2009-3252HistorySep 18, 2009 - 8:30 p.m.
CVE-2009-3252
2009-09-1820:30:00
CWE-89
mitre
web.nvd.nist.gov
40
cve
2009
3252
sql injection
rock band cms 0.10
news.php
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.001
Percentile
41.2%
Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) id parameters.
Affected configurations
Node
dave_robinsonrockbandcmsMatch0.10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dave_robinson | rockbandcms | 0.10 | cpe:2.3:a:dave_robinson:rockbandcms:0.10:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2009-09-18 20:30:00
nvd
nvd
CVE-2009-3252
2009-09-18 20:30:00
exploitdb
exploitdb
Rock Band CMS 0.10 - 'news.php' Multiple SQL Injections (1)
2009-08-31 00:00:00
Rock Band CMS 0.10 - 'news.php' Multiple SQL Injections (2)
2010-08-12 00:00:00
cvelist
cvelist
CVE-2009-3252
2009-09-18 20:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.001
Percentile
41.2%
Related for CVE-2009-3252