Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2276

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2009-2276
Last Modified 01 Jul 2009 12:00:00
Published 01 Jul 2009 09:00:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-2276

Summary

SQL injection vulnerability in voteforus.php in the Vote For Us extension 1.0.1 and earlier for PunBB allows remote attackers to execute arbitrary SQL commands via the out parameter.

Vulnerable Systems

Application

  • Biglle Vote For Us Extension 1.0

  • Biglle Vote For Us Extension 1.0.1


References

MILW0RM - 9058


Last Updated: 27 May 2016 10:50:50