CVE-2009-2781 Information

Feb 14, 2021 cve

Description

SQL injection vulnerability in forum.php in Arab Portal 2.x when magic_quotes_gpc is disabled allows remote authenticated users to execute arbitrary SQL commands via the qc parameter in an addcomment action a different vector than CVE-2006-1666.

Reference

http://www.exploit-db.com/exploits/9320 http://www.securityfocus.com/bid/35914

Share on: