{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-10T22:12:11.495","vulnerabilities":[{"cve":{"id":"CVE-2009-2366","sourceIdentifier":"cve@mitre.org","published":"2009-07-08T15:30:01.343","lastModified":"2026-04-23T00:35:47.467","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in login.asp in DataCheck Solutions ForumPal FE 1.1 and ForumPal 1.5 allows remote attackers to execute arbitrary SQL commands via the (1) password parameter in 1.1 and (2) p_password parameter in 1.5.  NOTE: some of these details are obtained from third party information."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en login.asp en DataCheck Solutions ForumPal FE v1.1 y ForumPal v.1.5 permite a atacantes remotos ejecutar comandos SQL a su elección a través de (1) parámetro password en v1.1 y (2) parámetro p_password en v.1.5. NOTA: algunos de estos detalles se han obtenido exclusivamente de información de terceros."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:datachecknh:forumpal:1.5:*:*:*:*:*:*:*","matchCriteriaId":"902F1AA0-8056-4A42-8730-A7C1B0076698"},{"vulnerable":true,"criteria":"cpe:2.3:a:datachecknh:forumpal_fe:1.1:*:*:*:*:*:*:*","matchCriteriaId":"2170FD4B-44CB-4EB3-A610-F37B2A98CDFC"}]}]}],"references":[{"url":"http://secunia.com/advisories/35589","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/35603","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.exploit-db.com/exploits/9024","source":"cve@mitre.org"},{"url":"http://www.osvdb.org/55496","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.osvdb.org/55497","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/51403","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/35589","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/35603","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.exploit-db.com/exploits/9024","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.osvdb.org/55496","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.osvdb.org/55497","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/51403","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}