CVE-2009-1411

2009-04-2414:00:00

mitre

www.cve.org

AI Score

8.4

Confidence

Low

EPSS

0.002

Percentile

59.5%

JSON

SQL injection vulnerability in events/inc/events.inc.php in the Events plugin for Seditio CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the c parameter to plug.php.

References

osvdb.org/53827

secunia.com/advisories/34812

www.securityfocus.com/bid/34608

www.vupen.com/english/advisories/2009/1112

exchange.xforce.ibmcloud.com/vulnerabilities/49975

www.exploit-db.com/exploits/8482