Lucene search

[email protected]CVE-2009-4712

HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-4712

2022-10-0316:24:02

CWE-89

[email protected]

web.nvd.nist.gov

cve-2009-4712

sql injection

tukanas classifieds

easyclassifieds

index.php

nvd

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

51.1%

JSON

SQL injection vulnerability in index.php in Tukanas Classifieds (aka EasyClassifieds) Script 1.0 allows remote attackers to execute arbitrary SQL commands via the b parameter.

Affected configurations

NVD

Node

tukanaseasyclassifieds_scriptMatch1.0

CPENameOperatorVersion
tukanas:easyclassifieds_scripttukanas easyclassifieds scripteq1.0

CPE	Name	Operator	Version
tukanas:easyclassifieds_script	tukanas easyclassifieds script	eq	1.0

References

osvdb.org/56601

packetstormsecurity.org/0907-exploits/tukanasec-sql.txt

secunia.com/advisories/35977

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

51.1%

JSON

Related for CVE-2009-4712

prion1 cvelist1 nvd1