CVE-2009-1245
Last modified
CVE-2009-1245 is a vulnerability of currently unknown severity. Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. NOTE: some of these details are obtained from third party information.. EPSS estimates a 1.19% chance of exploitation in the next 30 days.
Description
Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. NOTE: some of these details are obtained from third party information.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cccp-Common-Clan-Portal-Pasterbin | Cccp Pastebin | <= 2.70 |
| Cccp-Common-Clan-Portal-Pasterbin | Cccp Pastebin | 2.10 |
| Cccp-Common-Clan-Portal-Pasterbin | Cccp Pastebin | 2.20 |
| Cccp-Common-Clan-Portal-Pasterbin | Cccp Pastebin | 2.30 |
| Cccp-Common-Clan-Portal-Pasterbin | Cccp Pastebin | 2.40 |
| Cccp-Common-Clan-Portal-Pasterbin | Cccp Pastebin | 2.50 |
| Cccp-Common-Clan-Portal-Pasterbin | Cccp Pastebin | 2.60 |
References
- http://secunia.com/advisories/34474Vendor Advisory
- http://secunia.com/advisories/34474Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-1245?
How severe is CVE-2009-1245?
How do I fix CVE-2009-1245?
Are you affected by CVE-2009-1245?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST