Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-3052

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2009-3052
Last Modified 04 Sep 2009 12:00:00
Published 03 Sep 2009 01:30:08
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2009-3052

Summary

SQL injection vulnerability in root/includes/prime_quick_style.php in the Prime Quick Style addon before 1.2.3 for phpBB 3 allows remote authenticated users to execute arbitrary SQL commands via the prime_quick_style parameter to ucp.php.

Vulnerable Systems

Application

  • Absoluteanime Prime Quick Style 1.2.3


References

BID - 36214

MISC - http://www.phpbb.com/community/viewtopic.php?f=70&t=692625&start=150#p10649315

MILW0RM - 9569

MISC - http://www.absoluteanime.com/forum/mods/Prime%20Quick%20Style/install.xml

SECUNIA - 36532


Last Updated: 27 May 2016 10:51:07