Lucene search
MitreCVE-2009-1655HistoryMay 16, 2009 - 6:30 p.m.
CVE-2009-1655
2009-05-1618:30:00
CWE-89
mitre
web.nvd.nist.gov
21
sql injection
myaccount.php
easy scripts answer
question script
nvd
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.001
Percentile
36.5%
Multiple SQL injection vulnerabilities in myaccount.php in Easy Scripts Answer and Question Script allow remote authenticated users to execute arbitrary SQL commands via the (1) user name (userid parameter) and (2) password.
Affected configurations
Node
easy-scriptsanswer_and_question_script
| Vendor | Product | Version | CPE |
|---|---|---|---|
| easy-scripts | answer_and_question_script | * | cpe:2.3:a:easy-scripts:answer_and_question_script:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2009-1655
2009-05-16 18:30:00
cvelist
cvelist
CVE-2009-1655
2009-05-16 18:00:00
prion
prion
Sql injection
2009-05-16 18:30:00
exploitdb
exploitdb
Easy Scripts Answer and Question Script - Multiple Vulnerabilities
2009-05-14 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.001
Percentile
36.5%
Related for CVE-2009-1655