CVE

Id
39669  
CVE No.
CVE-2009-2234  
Status
Candidate  
Description
Multiple SQL injection vulnerabilities in admin.php in VICIDIAL Call Center Suite 2.0.5-173 allow remote attackers to execute arbitrary SQL commands via the (1) Username parameter ($PHP_AUTH_USER) and (2) Password parameter ($PHP_AUTH_PW).  
Phase
Assigned (20090627)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
436195 39669 CVE-2009-2234 MILW0RM:8755  View
436196 39669 CVE-2009-2234 URL:http://www.milw0rm.com/exploits/8755  View
436197 39669 CVE-2009-2234 CONFIRM:http://www.eflo.net/vicidial/security_fix_admin_20090522.patch  View
436198 39669 CVE-2009-2234 BID:35056  View
436199 39669 CVE-2009-2234 URL:http://www.securityfocus.com/bid/35056  View
436200 39669 CVE-2009-2234 XF:callcenter-admin-sql-injection(50665)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
42549 JVNDB-2009-003556 DMXReady Registration Manager の includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp における任意のコードを実行される脆弱性 DMXReady Registration Manager の includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp は、任意のコードを実行される脆弱性が存在します。 CVE-2009-2238 39669 6.8 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-003556.html  View