QwikSec

Security Database

CVE

CWE

Training

CVE-2009-1245

Published: Apr 6, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. NOTE: some of these details are obtained from third party information.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

http://sourceforge.net/project/shownotes.php?release_id=670960

x_refsource_CONFIRM

http://jcsfog.cvs.sourceforge.net/viewvc/jcsfog/CCCP-Pastebin/php/cccp-admin/inc/functions.php?r1=1.10&r2=1.11

x_refsource_CONFIRM

communitycode-submit-sql-injection(49426)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.