Lucene search
HistoryMar 18, 2010 - 6:30 p.m.
CVE-2009-4732
cve-2009-4732
sql injection
tt web site manager
security vulnerability
remote code execution
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.6 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
39.8%
SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tt_name parameter. NOTE: some of these details are obtained from third party information.
Affected configurations
Node
technotoadtt_web_site_managerMatch0.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| technotoad:tt_web_site_manager | technotoad tt web site manager | eq | 0.5 |
Related
openvas
openvas
TT Web Site Manager 'tt_name' Remote SQL Injection Vulnerability
2010-03-23 00:00:00
TT Web Site Manager 'tt_name' Remote SQL Injection Vulnerability
2010-03-23 00:00:00
nvd
nvd
CVE-2009-4732
2010-03-18 18:30:00
prion
prion
Sql injection
2010-03-18 18:30:00
cvelist
cvelist
CVE-2009-4732
2010-03-18 18:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.6 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
39.8%
Related for CVE-2009-4732