2 matches found
CVE-2009-3209
CVE-2009-3209 is a SQL injection in remove.php of PHP eMail Manager 3.3.0, exploitable via the ID parameter to execute arbitrary SQL commands. Documented by NVD with a CVSS v2 base score of 7.5 (HIGH) and network access with no authentication. Connected documents do not provide a patch or remedia...
CVE-2009-3209
SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter...