Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2009-1409
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-24 Apr, 2009 | 14:30
Updated At-29 Sep, 2017 | 01:34

SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.1MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
CPE Matches
e107
e107
>>e107>>Versions up to 0.7.15(inclusive)
cpe:2.3:a:e107:e107:*:*:*:*:*:*:*:*
e107
e107
>>e107>>0.6_10
cpe:2.3:a:e107:e107:0.6_10:*:*:*:*:*:*:*
e107
e107
>>e107>>0.6_11
cpe:2.3:a:e107:e107:0.6_11:*:*:*:*:*:*:*
e107
e107
>>e107>>0.6_12
cpe:2.3:a:e107:e107:0.6_12:*:*:*:*:*:*:*
e107
e107
>>e107>>0.6_13
cpe:2.3:a:e107:e107:0.6_13:*:*:*:*:*:*:*
e107
e107
>>e107>>0.6_14
cpe:2.3:a:e107:e107:0.6_14:*:*:*:*:*:*:*
e107
e107
>>e107>>0.6_15
cpe:2.3:a:e107:e107:0.6_15:*:*:*:*:*:*:*
e107
e107
>>e107>>0.6_15a
cpe:2.3:a:e107:e107:0.6_15a:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7
cpe:2.3:a:e107:e107:0.7:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7.1
cpe:2.3:a:e107:e107:0.7.1:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7.2
cpe:2.3:a:e107:e107:0.7.2:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7.3
cpe:2.3:a:e107:e107:0.7.3:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7.4
cpe:2.3:a:e107:e107:0.7.4:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7.5
cpe:2.3:a:e107:e107:0.7.5:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7.6
cpe:2.3:a:e107:e107:0.7.6:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7.7
cpe:2.3:a:e107:e107:0.7.7:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7.8
cpe:2.3:a:e107:e107:0.7.8:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7.9
cpe:2.3:a:e107:e107:0.7.9:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7.10
cpe:2.3:a:e107:e107:0.7.10:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7.11
cpe:2.3:a:e107:e107:0.7.11:*:*:*:*:*:*:*
e107
e107
>>e107>>0.7.13
cpe:2.3:a:e107:e107:0.7.13:*:*:*:*:*:*:*
e107
e107
>>e107>>0.545
cpe:2.3:a:e107:e107:0.545:*:*:*:*:*:*:*
e107
e107
>>e107>>0.547_beta
cpe:2.3:a:e107:e107:0.547_beta:*:*:*:*:*:*:*
e107
e107
>>e107>>0.548_beta
cpe:2.3:a:e107:e107:0.548_beta:*:*:*:*:*:*:*
e107
e107
>>e107>>0.549_beta
cpe:2.3:a:e107:e107:0.549_beta:*:*:*:*:*:*:*
e107
e107
>>e107>>0.551_beta
cpe:2.3:a:e107:e107:0.551_beta:*:*:*:*:*:*:*
e107
e107
>>e107>>0.552_beta
cpe:2.3:a:e107:e107:0.552_beta:*:*:*:*:*:*:*
e107
e107
>>e107>>0.553_beta
cpe:2.3:a:e107:e107:0.553_beta:*:*:*:*:*:*:*
e107
e107
>>e107>>0.554
cpe:2.3:a:e107:e107:0.554:*:*:*:*:*:*:*
e107
e107
>>e107>>0.554_beta
cpe:2.3:a:e107:e107:0.554_beta:*:*:*:*:*:*:*
e107
e107
>>e107>>0.555_beta
cpe:2.3:a:e107:e107:0.555_beta:*:*:*:*:*:*:*
e107
e107
>>e107>>0.600
cpe:2.3:a:e107:e107:0.600:*:*:*:*:*:*:*
e107
e107
>>e107>>0.601
cpe:2.3:a:e107:e107:0.601:*:*:*:*:*:*:*
e107
e107
>>e107>>0.602
cpe:2.3:a:e107:e107:0.602:*:*:*:*:*:*:*
e107
e107
>>e107>>0.603
cpe:2.3:a:e107:e107:0.603:*:*:*:*:*:*:*
e107
e107
>>e107>>0.604
cpe:2.3:a:e107:e107:0.604:*:*:*:*:*:*:*
e107
e107
>>e107>>0.605
cpe:2.3:a:e107:e107:0.605:*:*:*:*:*:*:*
e107
e107
>>e107>>0.606
cpe:2.3:a:e107:e107:0.606:*:*:*:*:*:*:*
e107
e107
>>e107>>0.607
cpe:2.3:a:e107:e107:0.607:*:*:*:*:*:*:*
e107
e107
>>e107>>0.608
cpe:2.3:a:e107:e107:0.608:*:*:*:*:*:*:*
e107
e107
>>e107>>0.609
cpe:2.3:a:e107:e107:0.609:*:*:*:*:*:*:*
e107
e107
>>e107>>0.610
cpe:2.3:a:e107:e107:0.610:*:*:*:*:*:*:*
e107
e107
>>e107>>0.611
cpe:2.3:a:e107:e107:0.611:*:*:*:*:*:*:*
e107
e107
>>e107>>0.612
cpe:2.3:a:e107:e107:0.612:*:*:*:*:*:*:*
e107
e107
>>e107>>0.613
cpe:2.3:a:e107:e107:0.613:*:*:*:*:*:*:*
e107
e107
>>e107>>0.614
cpe:2.3:a:e107:e107:0.614:*:*:*:*:*:*:*
e107
e107
>>e107>>0.615
cpe:2.3:a:e107:e107:0.615:*:*:*:*:*:*:*
e107
e107
>>e107>>0.615a
cpe:2.3:a:e107:e107:0.615a:*:*:*:*:*:*:*
e107
e107
>>e107>>0.616
cpe:2.3:a:e107:e107:0.616:*:*:*:*:*:*:*
e107
e107
>>e107>>0.617
cpe:2.3:a:e107:e107:0.617:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-89Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://osvdb.org/53812cve@mitre.org
N/A
http://secunia.com/advisories/34823cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/34614cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/49981cve@mitre.org
N/A
https://www.exploit-db.com/exploits/8495cve@mitre.org
N/A
Change History
0Changes found
Details not found