CVE-2009-2891

CVE-2009-2891

EPSS 1.0%

SQL injection vulnerability in list.php in PHP Scripts Now Riddles allows remote attackers to execute arbitrary SQL commands via the catid parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.org/0907-exploits/riddledepot-sqlxss.txt http://secunia.com/advisories/35932 https://exchange.xforce.ibmcloud.com/vulnerabilities/51872 http://www.osvdb.org/56123