CVE-2009-0428

DMXReady Secure Document Library <1.1 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED

by ajann · textwebappsphp

https://www.exploit-db.com/exploits/7787

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by ajann · textwebappsasp

https://www.exploit-db.com/exploits/7767

View Code ZIP pw:eip

References (6)

Core 6

Core References

Various Sources x_refsource_confirm

http://dmxready.helpserve.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=93

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/33253

Vendor Advisory x_refsource_confirm

http://dmxready.helpserve.com/index.php?_m=news&_a=viewnews&newsid=12

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/48013

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/33482

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/7787

Scores

EPSS 0.0167

EPSS Percentile 82.2%

Details

CWE

CWE-89

Status published

Products (2)

dmxready/secure_document_library 1.0

dmxready/secure_document_library < 1.1

Published Feb 05, 2009

Tracked Since Feb 18, 2026