CVE-2009-3358

Tourismscripts Adult Portal Escort Listing - SQL Injection

Title source: rule

Description

SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote attackers to execute arbitrary SQL commands via the user_id parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Mr.SQL · textwebappsphp

https://www.exploit-db.com/exploits/9634

View Code ZIP pw:eip

exploitdb WORKING POC

webappsphp

https://www.exploit-db.com/exploits/8788

View on exploitdb

References (2)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/53134

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/9634

Scores

EPSS 0.0029

EPSS Percentile 52.2%

Classification

CWE

CWE-89

Status draft

Affected Products (1)

tourismscripts/adult_portal_escort_listing

Timeline

Published Sep 24, 2009

Tracked Since Feb 18, 2026