CVE-2009-4574

EPSS 1.0%

SQL injection vulnerability in country_escorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the country_id parameter.

Affected products

n/a · n/a

public PoCs found — 3

cve_referencepacketstormsecurity.org/0912-exploits/iescorts-sql.txtunverified cve_referencewww.exploit-db.com/exploits/10809unverified exploitdbwww.exploit-db.com/exploits/10809unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.org/0912-exploits/iescorts-sql.txt http://secunia.com/advisories/37957 https://exchange.xforce.ibmcloud.com/vulnerabilities/55208 http://www.exploit-db.com/exploits/10809 http://www.osvdb.org/61397