CVE-2009-4380

Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-2925.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:valarsoft:webmatic:*:*:*:*:*:*:*:*
cpe:2.3:a:valarsoft:webmatic:2.4:*:*:*:*:*:*:*
cpe:2.3:a:valarsoft:webmatic:2.5:*:*:*:*:*:*:*
cpe:2.3:a:valarsoft:webmatic:2.6:*:*:*:*:*:*:*
cpe:2.3:a:valarsoft:webmatic:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:valarsoft:webmatic:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:valarsoft:webmatic:2.7:*:*:*:*:*:*:*
cpe:2.3:a:valarsoft:webmatic:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:valarsoft:webmatic:2.8:*:*:*:*:*:*:*
cpe:2.3:a:valarsoft:webmatic:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:valarsoft:webmatic:3.0.1:*:*:*:*:*:*:*

History

21 Nov 2024, 01:09

Type Values Removed Values Added
References () http://secunia.com/advisories/37735 - Vendor Advisory () http://secunia.com/advisories/37735 - Vendor Advisory
References () http://www.securityfocus.com/bid/37335 - Patch () http://www.securityfocus.com/bid/37335 - Patch
References () http://www.valarsoft.com/index.php?stage=0&section=5&newsID=165&action=6 - Patch, Vendor Advisory () http://www.valarsoft.com/index.php?stage=0&section=5&newsID=165&action=6 - Patch, Vendor Advisory

Information

Published : 2009-12-22 23:30

Updated : 2024-11-21 01:09


NVD link : CVE-2009-4380

Mitre link : CVE-2009-4380

CVE.ORG link : CVE-2009-4380


JSON object : View

Products Affected

valarsoft

  • webmatic
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')