CVE-2009-2451

2009-07-1414:00:00

mitre

www.cve.org

AI Score

8.5

Confidence

Low

EPSS

0.001

Percentile

27.8%

JSON

Multiple SQL injection vulnerabilities in index.php in MIM:InfiniX 1.2.003 and possibly earlier versions allow remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters in a calendar action, or (3) a search term in the search form.