CVE-2009-0402
Published Feb 3, 2009
Last updated a year ago
Overview
- Description
- SQL injection vulnerability in client/new_account.php in Domain Technologie Control (DTC) before 0.29.16 allows remote attackers to execute arbitrary SQL commands via the (1) familyname, (2) christname, (3) company_name, (4) is_company, (5) email, (6) phone, (7) fax, (8) addr1, (9) addr2, (10) addr3, (11) zipcode, (12) city, (13) state, (14) country, and (15) vat_num parameters.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-89
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gplhost:domain_technologie_control:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFB07760-4780-40D5-94F8-A7E323AC05B0",
"versionEndIncluding": "0.29.8"
},
{
"criteria": "cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48453D15-9383-453A-80DE-CBA330DF43EC"
},
{
"criteria": "cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6ECDD453-4477-4567-85EC-9FBB777577C9"
},
{
"criteria": "cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F470F49-27DE-49D8-95B6-0BF562A5AFC2"
},
{
"criteria": "cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9623CC23-64B9-408E-9BFD-E5A6A2498D16"
},
{
"criteria": "cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9E38991-255F-4590-9D1B-EDC9965D4745"
},
{
"criteria": "cpe:2.3:a:gplhost:domain_technologie_control:0.28.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25BAB9EE-D86A-4AC7-85D0-711B755F63DC"
},
{
"criteria": "cpe:2.3:a:gplhost:domain_technologie_control:0.28.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3722E5B8-F002-4E81-A7A1-370D53EBFDC8"
},
{
"criteria": "cpe:2.3:a:gplhost:domain_technologie_control:0.29.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2A5B9D8-5268-4C34-943E-AEA918855EDF"
}
],
"operator": "OR"
}
]
}
]