CVE-2009-2128

2009-06-1917:32:00

mitre

www.cve.org

sql injection

elvin

remote attack

AI Score

8.4

Confidence

Low

EPSS

0.001

Percentile

47.9%

JSON

SQL injection vulnerability in close_bug.php in Elvin before 1.2.1 allows remote attackers to execute arbitrary SQL commands via the title (aka subject) field.

References

bugs.elvinbts.org/show_bug.php?id=49

secunia.com/advisories/35430