Vulnerabilities > Maxdev > Cwguestbook

DATE CVE VULNERABILITY TITLE RISK
2009-07-02 CVE-2009-2307 SQL Injection vulnerability in Maxdev Cwguestbook
SQL injection vulnerability in the CWGuestBook module 2.1 and earlier for MAXdev MDPro (aka MD-Pro) allows remote attackers to execute arbitrary SQL commands via the rid parameter in a viewrecords action to modules.php.
network
low complexity
maxdev CWE-89
7.5