CVE-2009-4798

2010-04-2214:00:00

mitre

www.cve.org

8.7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.8%

JSON

Multiple SQL injection vulnerabilities in Diskos CMS 6.x allow remote attackers to execute arbitrary SQL commands via the (1) kat parameter to side.asp, and the (2) brugerid and (3) password fields to the administration login feature.

References

secunia.com/advisories/34540

www.exploit-db.com/exploits/8307

www.securityfocus.com/bid/34289

exchange.xforce.ibmcloud.com/vulnerabilities/49509

exchange.xforce.ibmcloud.com/vulnerabilities/49510