SQL Injection Vulnerability in AR Web Content Manager by ARJ Systems
CVE-2009-3218

Currently unrated

Key Information:

Vendor

The-ghost

Status
Ar Web Content Manager
Vendor
CVE Published:
16 September 2009

What is CVE-2009-3218?

The AR Web Content Manager 2.1 contains a SQL injection vulnerability located in control/login.php that arises when magic_quotes_gpc is disabled. This flaw permits remote attackers to send specially crafted inputs via the username parameter, which could lead to the execution of arbitrary SQL commands. Given that this vulnerability could potentially compromise the database integrity, it is essential for users and administrators to implement necessary security measures and upgrade to fixed versions promptly.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.exploit-db.com/exploits/9237
exploitx_refsource_EXPLOIT-DB
https://exchange.xforce.ibmcloud.com/vulnerabilities/51980
vdb-entryx_refsource_XF
http://osvdb.org/56338
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.