CVE-2009-2018
CVE-2009-2018 is a SQL injection vulnerability in the admin/index.php of Jared Eckersley’s MyCars. When magic_quotes_gpc is disabled, an attacker can craft the authuserid parameter to execute arbitrary SQL commands. The NVD entry rates it as a Medium impact (CVSSv2 6.8) with partial impact on con...