Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1787

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2009-1787
Last Modified 09 Jun 2009 01:34:40
Published 26 May 2009 12:30:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1787

Summary

Multiple SQL injection vulnerabilities in PHP Dir Submit (aka WebsiteSubmitter and Submitter Script) allow remote attackers to bypass authentication and gain administrative access via the (1) username and (2) password parameters.

Vulnerable Systems

Application

  • Phpdirsubmit Php Dir Submit


References

VUPEN - ADV-2009-1365

BID - 35003

MILW0RM - 8710

SECUNIA - 35125


Last Updated: 27 May 2016 10:50:40