Vulnerability Description
SQL injection vulnerability in login.php in Pre Lecture Exercises (PLEs) CMS 1.0 beta 4.2 allows remote attackers to execute arbitrary SQL commands via the school parameter.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ple Cms | Ple Cms | 1.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/33524Exploit
- https://www.exploit-db.com/exploits/7917
- http://www.securityfocus.com/bid/33524Exploit
- https://www.exploit-db.com/exploits/7917
FAQ
What is CVE-2009-0394?
CVE-2009-0394 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in login.php in Pre Lecture Exercises (PLEs) CMS 1.0 beta 4.2 allows remote attackers to execute arbitrary SQL commands via the school parameter.
How severe is CVE-2009-0394?
CVE-2009-0394 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0394?
Check the references section above for vendor advisories and patch information. Affected products include: Ple Cms Ple Cms.