CVE-2009-1655

2009-05-1618:00:00

mitre

www.cve.org

8.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

36.7%

JSON

Multiple SQL injection vulnerabilities in myaccount.php in Easy Scripts Answer and Question Script allow remote authenticated users to execute arbitrary SQL commands via the (1) user name (userid parameter) and (2) password.

References

osvdb.org/54502

secunia.com/advisories/35067

www.securityfocus.com/bid/34975

www.exploit-db.com/exploits/8690