Published: 21/08/2009 Updated: 19/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in Videos Broadcast Yourself 2 allow remote malicious users to execute arbitrary SQL commands via the (1) UploadID parameter to videoint.php, and possibly the (2) cat_id parameter to catvideo.php and (3) uid parameter to cviewchannels.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
videosbroadcastyourself videos broadcast yourself 2

Debian Bug report logs - #593302 python-cjson: CVE-2009-4924 xss vulnerability Package: python-cjson; Maintainer for python-cjson is Debian Python Modules Team <python-modules-team@listsaliothdebianorg>; Source for python-cjson is src:python-cjson (PTS, buildd, popcon) Reported by: Michael Gilbert <michaelsgilbert@gm ...

############################################################### #################### Viva IslaM Viva IslaM #################### ## ## Remote SQL Injection Vulnerability ( videointphp UploadID ) ## ## Videos Broadcast Yourself V2 ## ## wwwvideosbroadcastyourselfcom/ ## ############################################################### ####### ...

CWE-89 http://www.exploit-db.com/exploits/9453 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=593302 https://www.exploit-db.com/exploits/9453/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-2924

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect