CVE-2009-0831 Information

Feb 14, 2021 cve

Description

SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion when magic_quotes_gpc is disabled allows remote authenticated users to execute arbitrary SQL commands via the sortby parameter.

Reference

http://secunia.com/advisories/33424 http://www.securityfocus.com/bid/33156 https://www.exploit-db.com/exploits/7697

Share on: