Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0711


Vulnerability Score 5.0 5.0
CVE Id CVE-2009-0711
Last Modified 23 Jun 2009 01:51:06
Published 23 Feb 2009 10:30:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



filter.php in PHPFootball 1.6 and earlier allows remote attackers to retrieve password hashes via a request with an Accounts value for the dbtable parameter, in conjunction with a Password value for the dbfield parameter. NOTE: this has been reported as a SQL injection vulnerability by some sources, but the provenance of that information is unknown.

Vulnerable Systems


  • Vlad Alexa Mancini Phpfootball 1.5

  • Vlad Alexa Mancini Phpfootball 1.6


OSVDB - 51102

MILW0RM - 7636

SECUNIA - 33367

Last Updated: 27 May 2016 10:50:20