CVE-2009-2790 Softbiz — Exploit & Vulnerability Details NONE

Parameter	Value
Type	CWE-89 (SQL Injection)
Vendor	Softbiz
Public PoC	Yes

SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4.

Weakness Type (CWE)

CWE-89 SQL Injection

Vulnerable Products 1

Configuration	From (including)	Up to (excluding)
Softbiz Dating_Script cpe:2.3:a:softbiz:dating_script::::::::	—	—

References 3

http://packetstormsecurity.org/0907-exploits/softbizdating-sql.txt

cve@mitre.org

http://www.securityfocus.com/bid/35896

cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/52158

cve@mitre.org

Share Post Share Share Share

Related Vulnerabilities

CVE-2008-3511

Softbiz

None

CVE-2008-2087

Softbiz

None

CVE-2008-1050

Softbiz

None

CVE-2007-6125

Softbiz

None

CVE-2007-6124

Softbiz

None

Menu

CVE-2009-2790

Weakness Type (CWE)

Vulnerable Products 1

References 3

Related Vulnerabilities

CVE-2008-3511

CVE-2008-2087

CVE-2008-1050

CVE-2007-6125

CVE-2007-6124

CVE Details

Editor's Choice

Menu

CVE-2009-2790

Weakness Type (CWE)

Vulnerable Products 1

References 3

Related Vulnerabilities

CVE-2008-3511

CVE-2008-2087

CVE-2008-1050

CVE-2007-6125

CVE-2007-6124

CVE Details

Editor's Choice

Stay informed on cybersecurity