CVE-2009-2775

PHPArcadeScript 4.0 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in linkout.php in PHPArcadeScript (PHP Arcade Script) 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by MizoZ · textwebappsphp

https://www.exploit-db.com/exploits/9288

View Code ZIP pw:eip

References (2)

Core 2

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/9288

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/35843

Scores

EPSS 0.0026

EPSS Percentile 49.8%

Details

CWE

CWE-89

Status published

Products (1)

phparcadescript/phparcadescript 4.0

Published Aug 14, 2009

Tracked Since Feb 18, 2026