Unrated severityNVD Advisory· Published Apr 21, 2010· Updated Apr 29, 2026

CVE-2009-4783

Description

Multiple SQL injection vulnerabilities in Theeta CMS, possibly 0.01, allow remote attackers to execute arbitrary SQL commands via the start parameter to (1) forum.php and (2) thread.php in community/, and (3) blog/index.php.

Affected products

Mntechsolutions/Theeta CMS2 versions
cpe:2.3:a:mntechsolutions:theeta_cms:0.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mntechsolutions:theeta_cms:0.0:*:*:*:*:*:*:*
- cpe:2.3:a:mntechsolutions:theeta_cms:0.01:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.org/0912-exploits/theeta-sqlxss.txtnvdExploit
secunia.com/advisories/37529nvdVendor Advisory
www.securityfocus.com/archive/1/508148/100/0/threadednvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000