Zurück zur CVE-Übersicht
CVE-2009-2147
HIGH(7.5)AV:N/AC:L/Au:N/C:P/I:P/A:P
Risk Signal Score19/100 — NIEDRIG
- CVSS 7.5 — Hoch
EPSS-Score
2%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
7.5
Technische Schwere
Beschreibung
SQL injection vulnerability in fdown.php in phpWebThings 1.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Referenzen
- http://secunia.com/advisories/35396
- http://www.securityfocus.com/bid/35336
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51094
- https://www.exploit-db.com/exploits/8939
- http://secunia.com/advisories/35396
- http://www.securityfocus.com/bid/35336
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51094
- https://www.exploit-db.com/exploits/8939