CVE

Id
40687  
CVE No.
CVE-2009-3252  
Status
Candidate  
Description
Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) id parameters.  
Phase
Assigned (20090918)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
446447 40687 CVE-2009-3252 MILW0RM:9553  View
446448 40687 CVE-2009-3252 URL:http://www.milw0rm.com/exploits/9553  View
446449 40687 CVE-2009-3252 SECUNIA:36517  View
446450 40687 CVE-2009-3252 URL:http://secunia.com/advisories/36517  View
446451 40687 CVE-2009-3252 VUPEN:ADV-2009-2494  View
446452 40687 CVE-2009-3252 URL:http://www.vupen.com/english/advisories/2009/2494  View
446453 40687 CVE-2009-3252 XF:bandcms-news-sql-injection(52940)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
43949 JVNDB-2009-004956 LiveStreet の include/ajax/blogInfo.php におけるクロスサイトスクリプティングの脆弱性 LiveStreet の include/ajax/blogInfo.php には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2009-3256 40687 4.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-004956.html  View