CVE-2009-0963 Information

Feb 14, 2021 cve

Description

Multiple SQL injection vulnerabilities in PHPRunner 4.2 and possibly earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter to (1) UserView_list.php (2) orders_list.php (3) users_list.php and (4) Administrator_list.php.

Reference

http://osvdb.org/52798 http://osvdb.org/52799 http://osvdb.org/52800 http://osvdb.org/52801 http://secunia.com/advisories/34330 http://www.bugreport.ir/index_63.htm http://www.securityfocus.com/archive/1/501894/100/0/threaded http://www.securityfocus.com/bid/34146 http://www.vupen.com/english/advisories/2009/0750 https://exchange.xforce.ibmcloud.com/vulnerabilities/49278 https://www.exploit-db.com/exploits/8226

Share on: