← back
CVE-2009-0965

CVE-2009-0965

EPSS 1.0%
SQL injection vulnerability in functions/browse.php in Ganesha Digital Library (GDL) 4.0 and 4.2 allows remote attackers to execute arbitrary SQL commands via the node parameter in a browse action to gdl.php.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/8228unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/52803https://exchange.xforce.ibmcloud.com/vulnerabilities/49292https://www.exploit-db.com/exploits/8228http://www.securityfocus.com/bid/34144http://www.vupen.com/english/advisories/2009/0751