Security Advisory

CVE-2009-1814

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-05-29 16:24:00

Last updated 2024-08-07 05:27:54

Assigner mitre

State PUBLISHED

Description

SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the profile.php vector is already covered by CVE-2006-0074.

← Browse all CVEs View on cve.org ↗