CVE-2009-3313

2009-09-2310:00:00

mitre

www.cve.org

8.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.2%

JSON

Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to (1) index.php and (2) editComments.php, and (3) allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action to edit.php.

References

osvdb.org/58182

osvdb.org/58183

osvdb.org/58184

secunia.com/advisories/36778

www.exploit-db.com/exploits/9711

exchange.xforce.ibmcloud.com/vulnerabilities/53329

exchange.xforce.ibmcloud.com/vulnerabilities/53330