CVE-2009-2339
CVE-2009-2339 describes an SQL injection in index.php of Rentventory, exploitable remotely via the product parameter. Root cause: improper input handling allows arbitrary SQL execution. Impact (per CVSS v2): partial confidentiality, integrity, and availability with a base score of 7.5 (NETWORK at...