CVE-2009-3913

Xerox Fiery Webtools - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-3913. PoCs published by Bernardo Trigo.

AI-analyzed exploit summary This is a vulnerability report describing an SQL injection flaw in Xerox Fiery Webtools via the /wt3/summary.php?select= parameter. No exploit code is provided, only a description of the issue.

Description

SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Bernardo Trigo · textwebappsphp

https://www.exploit-db.com/exploits/9850

View Code ZIP pw:eip

This is a vulnerability report describing an SQL injection flaw in Xerox Fiery Webtools via the /wt3/summary.php?select= parameter. No exploit code is provided, only a description of the issue.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Theoretical

Target: Xerox Fiery Webtools

No auth needed

Prerequisites: Network access to the vulnerable endpoint

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/507650/100/0/threaded

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/54137

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/36906

Scores

EPSS 0.0018

EPSS Percentile 39.8%

Details

CWE

CWE-89

Status published

Products (1)

xerox/fiery_webtools

Published Nov 09, 2009

Tracked Since Feb 18, 2026