PHP-Fusion Book Panel Module 'books.php' SQL Injection Vulnerability Network Vulnerability

Summary

The Book Panel module for PHP-Fusion is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

References

http://www.securityfocus.com/bid/34049

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4889

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability
Adobe ColdFusion Information Disclosure Vulnerability
Apache Struts2 Redirection and Security Bypass Vulnerabilities
Adobe ColdFusion Authentication Bypass Vulnerability
Atmail Multiple Unspecified Security Vulnerabilities.

Take action and discover your vulnerabilities