Unrated severityNVD Advisory· Published Mar 5, 2010· Updated Jun 16, 2026
CVE-2009-4669
CVE-2009-4669
Description
Multiple SQL injection vulnerabilities in RoomPHPlanning 1.6 allow remote attackers to execute arbitrary SQL commands via (1) the loginus parameter to Login.php or (2) the Old Password field to changepwd.php, and allow (3) remote authenticated administrators to execute arbitrary SQL commands via the id parameter to admin/userform.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- cpe:2.3:a:beaussier:roomphplanning:1.6:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
2- secunia.com/advisories/35237nvdVendor Advisory
- www.exploit-db.com/exploits/8797nvd
News mentions
0No linked articles in our index yet.