CVE-2009-2921

2009-08-2110:00:00

mitre

www.cve.org

8.6 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

39.7%

JSON

Multiple SQL injection vulnerabilities in login.php in MOC Designs PHP News 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) newsuser parameter (User field) and (2) newspassword parameter (Password field).

References

www.exploit-db.com/exploits/9353

www.vupen.com/english/advisories/2009/2161

exchange.xforce.ibmcloud.com/vulnerabilities/52231