Lucene search

K

MitreCVELIST:CVE-2009-4796

HistoryApr 22, 2010 - 2:00 p.m.

CVE-2009-4796

2010-04-2214:00:00

mitre

www.cve.org

5

AI Score

8.5

Confidence

Low

EPSS

0.001

Percentile

45.5%

Multiple SQL injection vulnerabilities in the ExecuteQueries function in private/system/classes/listfactory.class.php in glFusion 1.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) order and (2) direction parameters to search.php.

References

osvdb.org/52984

secunia.com/advisories/34519

www.exploit-db.com/exploits/8302

www.glfusion.org/article.php/security_20090329

www.securityfocus.com/archive/1/502260/100/0/threaded

www.securityfocus.com/bid/34281

exchange.xforce.ibmcloud.com/vulnerabilities/49498

AI Score

8.5

Confidence

Low

EPSS

0.001

Percentile

45.5%

Related for CVELIST:CVE-2009-4796

cve1 openvas1 prion1 exploitdb1 nvd1