
CVE-2009-1742

Published: 20/05/2009 Updated: 29/09/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

code.php in PC4Arb Pc4 Uploader 9.0 and previous versions makes it easier for remote malicious users to conduct SQL injection attacks. The filter applied to the id parameter in a banner action removes certain keyword sequences, so a crafted value can reassemble a keyword once the filter has run, as demonstrated via the "UNIunionON" string, which is collapsed into "UNION" by the filter_sql function.
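The sketch below is an added example, not code from Pc4 Uploader or from the advisory. It shows in Python why removing keywords in a single pass leaves the keyword in the output, next to the usual fix of allow-listing the id as an integer and binding it as a query parameter. The body of `strip_once` is a hypothetical stand-in for `filter_sql` (the page gives only its behaviour), and the `banners` table, its columns and the sample inputs are constructed.

```python
import re
import sqlite3

# Hypothetical stand-in for filter_sql: the page describes only its behaviour
# (keywords are removed, "UNIunionON" collapses to "UNION"), not its source.
BLOCKED = ("union", "select")

def strip_once(value):
    """Single-pass, case-insensitive keyword removal (the flawed pattern)."""
    for word in BLOCKED:
        value = re.sub(word, "", value, flags=re.IGNORECASE)
    return value

def parse_banner_id(value):
    """Allow-list check: the id must be a short run of ASCII digits."""
    if not re.fullmatch(r"[0-9]{1,9}", value):
        raise ValueError("id must be a positive integer")
    return int(value)

def fetch_banner(conn, raw_id):
    """Validate first, then bind the id as a parameter instead of concatenating."""
    banner_id = parse_banner_id(raw_id)
    row = conn.execute(
        "SELECT name FROM banners WHERE id = ?", (banner_id,)
    ).fetchone()
    return row[0] if row else None

def demo():
    # Constructed sample data in an in-memory database (assumed schema).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE banners (id INTEGER PRIMARY KEY, name TEXT)")
    conn.execute("INSERT INTO banners VALUES (7, 'spring-sale')")
    results = {
        # The inner "union" is removed and the outer fragments join up.
        "stripped": strip_once("7 UNIunionON"),
        "valid": fetch_banner(conn, "7"),
    }
    try:
        fetch_banner(conn, "7 UNIunionON")
        results["rejected"] = False
    except ValueError:
        results["rejected"] = True
    return results

if __name__ == "__main__":
    print(demo())
```

Repeating the removal until the string stops changing would close this particular gap, but a deny-list still has to anticipate every keyword and encoding; type validation plus parameter binding does not depend on the list being complete.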

Vulnerable Product

pc4arb pc4 uploader

Exploits

=By: Qabandi
=Email: iqa[a]hotmailfr
From Kuwait PEACE
=Vuln: pc4arb - pc4 Uploader <= 9.0 Blind SQL injection
=INFO: pc4arbcom/product-13html
=BUY: pc4arbcom/deal-13html
=DO ...