1. Home
  2. CVE Database
  3. CVE-2009-2392
HIGH · 7.5

CVE-2009-2392

SQL injection vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to execute arbitrary SQL commands via the tid parameter.

Vulnerability Description

SQL injection vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to execute arbitrary SQL commands via the tid parameter.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
VirtuenetzVirtue Online Test GeneratorAll versions

Related Weaknesses (CWE)

CWE-89

References

FAQ

What is CVE-2009-2392?

CVE-2009-2392 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to execute arbitrary SQL commands via the tid parameter.

How severe is CVE-2009-2392?

CVE-2009-2392 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-2392?

Check the references section above for vendor advisories and patch information. Affected products include: Virtuenetz Virtue Online Test Generator.