CVE-2009-1661
Anoldman Utopic - SQL Injection
Title source: ruleDescription
SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by YEnH4ckEr · perlwebappsphp
https://www.exploit-db.com/exploits/8655
References (7)
Scores
EPSS
0.0090
EPSS Percentile
75.8%
Details
CWE
CWE-89
Status
published
Products (1)
anoldman/utopic
1.0
Published
May 18, 2009
Tracked Since
Feb 18, 2026