CVE-2009-4794

2010-04-22T14:30:00
ID CVE-2009-4794
Type cve
Reporter cve@mitre.org
Modified 2018-10-10T19:49:00

Description

Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php.