CVE-2009-0882

CVE-2009-0882 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in nForum 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to showtheme.php and the (2) user parameter to userinfo.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.