CVE-2009-2148

UNRATEDJSON export Create alert

Description

SQL injection vulnerability in news/index.php in Campus Virtual-LMS allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected products

campusvirtualcomputrade / campus_virtual-lms

References

VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/1583
EXPLOIThttps://www.exploit-db.com/exploits/8937