Lucene search

K
cvelistMitreCVELIST:CVE-2009-2734
HistoryOct 16, 2009 - 4:00 p.m.

CVE-2009-2734

2009-10-1616:00:00
mitre
www.cve.org

8.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.4%

SQL injection vulnerability in the get_employee function in classweekreport.inc in Achievo before 1.4.0 allows remote attackers to execute arbitrary SQL commands via the userid parameter (aka user_id variable) to dispatch.php.

8.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.4%