CVE-2009-3116

Uiga Church Portal - SQL Injection

Title source: rule

Description

SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the year parameter in a calendar action.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Mr.SQL · textwebappsphp
https://www.exploit-db.com/exploits/9535

References (5)

Scores

EPSS 0.0034
EPSS Percentile 56.3%

Classification

CWE
CWE-89
Status draft

Affected Products (1)

uiga/church_portal

Timeline

Published Sep 09, 2009
Tracked Since Feb 18, 2026