Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2921


Vulnerability Score 7.5 7.5
CVE Id CVE-2009-2921
Last Modified 21 Aug 2009 12:00:00
Published 21 Aug 2009 07:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Multiple SQL injection vulnerabilities in login.php in MOC Designs PHP News 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) newsuser parameter (User field) and (2) newspassword parameter (Password field).

Vulnerable Systems


  • Mocdesigns Php News 1.1


XF - phpnews-login-sql-injection(52231)

VUPEN - ADV-2009-2161

MILW0RM - 9353

Last Updated: 27 May 2016 10:51:04