CVE-2009-3208

2009-09-1617:00:00

mitre

www.cve.org

8.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

30.1%

JSON

Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to permalink.php and (2) year parameter to index.php.

References

packetstormsecurity.org/0908-exploits/phpfreebb-sql.txt

exchange.xforce.ibmcloud.com/vulnerabilities/52550