Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0750

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2009-0750
Last Modified 03 Mar 2009 12:00:00
Published 02 Mar 2009 05:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0750

Summary

SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote attackers to execute arbitrary SQL commands via the username parameter.

Vulnerable Systems

Application

  • Tombstone Smnews -


References

XF - smnews-login-sql-injection(48813)

MILW0RM - 8076


Last Updated: 27 May 2016 10:50:21