CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-1208

SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.7%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2009-1208

Auth2db » Auth2db » Version: 0.1.0

cpe:2.3:a:auth2db:auth2db:0.1.0
Auth2db » Auth2db » Version: 0.1.2

cpe:2.3:a:auth2db:auth2db:0.1.2
Auth2db » Auth2db » Version: 0.1.3

cpe:2.3:a:auth2db:auth2db:0.1.3
Auth2db » Auth2db » Version: 0.1.4

cpe:2.3:a:auth2db:auth2db:0.1.4
Auth2db » Auth2db » Version: 0.1.5

cpe:2.3:a:auth2db:auth2db:0.1.5
Auth2db » Auth2db » Version: 0.1.6

cpe:2.3:a:auth2db:auth2db:0.1.6
Auth2db » Auth2db » Version: 0.1.7

cpe:2.3:a:auth2db:auth2db:0.1.7
Auth2db » Auth2db » Version: 0.1.8

cpe:2.3:a:auth2db:auth2db:0.1.8
Auth2db » Auth2db » Version: 0.1.9

cpe:2.3:a:auth2db:auth2db:0.1.9
Auth2db » Auth2db » Version: 0.2.0

cpe:2.3:a:auth2db:auth2db:0.2.0
Auth2db » Auth2db » Version: 0.2.1

cpe:2.3:a:auth2db:auth2db:0.2.1
Auth2db » Auth2db » Version: 0.2.2

cpe:2.3:a:auth2db:auth2db:0.2.2
Auth2db » Auth2db » Version: 0.2.3

cpe:2.3:a:auth2db:auth2db:0.2.3
Auth2db » Auth2db » Version: 0.2.4

cpe:2.3:a:auth2db:auth2db:0.2.4
Auth2db » Auth2db » Version: 0.2.5

cpe:2.3:a:auth2db:auth2db:0.2.5
Auth2db » Auth2db » Version: 0.2.6

cpe:2.3:a:auth2db:auth2db:0.2.6
Auth2dbauth2db » 0.1.1 » Version: Any

cpe:2.3:a:auth2dbauth2db:0.1.1:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-1208

Products

Pricing

Contact Us