CVE-2009-0287

2009-01-2718:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.1%

JSON

SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password.

References

keeptoolkit.svn.sourceforge.net/viewvc/keeptoolkit?view=rev&revision=56

osvdb.org/51623

secunia.com/advisories/33652

sourceforge.net/project/shownotes.php?release_id=655845&group_id=227492

www.securityfocus.com/bid/33425