Multiple SQL injection vulnerabilities in myaccount.php in Easy Scripts Answer and Question Script allow remote authenticated users to execute arbitrary SQL commands via the (1) user name (userid parameter) and (2) password.
References
Link | Resource |
---|---|
http://osvdb.org/54502 | |
http://secunia.com/advisories/35067 | Vendor Advisory |
http://www.securityfocus.com/bid/34975 | Exploit |
https://www.exploit-db.com/exploits/8690 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-05-16T18:00:00
Updated: 2017-09-28T12:57:01
Reserved: 2009-05-16T00:00:00
Link: CVE-2009-1655
JSON object: View
NVD Information
Status : Modified
Published: 2009-05-16T18:30:00.327
Modified: 2017-09-29T01:34:29.733
Link: CVE-2009-1655
JSON object: View
Redhat Information
No data.
CWE