CVE-2009-3185

Publication date

2009-09-15 21:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in plugin.php in the Crazy Star plugin 2.0 for Discuz! allows remote authenticated users to execute arbitrary SQL commands via the fmid parameter in a view action.