SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
References
Configurations
History
21 Nov 2024, 01:06
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/57171 - | |
References | () http://packetstormsecurity.org/0908-exploits/phpem-sql.txt - Exploit | |
References | () http://secunia.com/advisories/36346 - Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/52548 - |
Information
Published : 2009-09-16 17:30
Updated : 2025-04-09 00:30
NVD link : CVE-2009-3209
Mitre link : CVE-2009-3209
CVE.ORG link : CVE-2009-3209
JSON object : View
Products Affected
raizlabs
- php_email_manager
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')