Unrated severityNVD Advisory· Published Feb 23, 2009· Updated Jun 16, 2026
CVE-2009-0711
CVE-2009-0711
Description
filter.php in PHPFootball 1.6 and earlier allows remote attackers to retrieve password hashes via a request with an Accounts value for the dbtable parameter, in conjunction with a Password value for the dbfield parameter. NOTE: this has been reported as a SQL injection vulnerability by some sources, but the provenance of that information is unknown.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:vlad_alexa_mancini:phpfootball:1.5:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:vlad_alexa_mancini:phpfootball:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:vlad_alexa_mancini:phpfootball:1.6:*:*:*:*:*:*:*
- (no CPE)range: <=1.6
Patches
Vulnerability mechanics
References
3- secunia.com/advisories/33367nvdVendor Advisory
- www.osvdb.org/51102nvd
- www.exploit-db.com/exploits/7636nvd
News mentions
0No linked articles in our index yet.