Unrated severityNVD Advisory· Published May 11, 2010· Updated Apr 29, 2026
CVE-2009-4865
CVE-2009-4865
Description
Multiple SQL injection vulnerabilities in escorts_search.php in I-Escorts Directory Script and Agency Script, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) search_name and (2) languages parameters. NOTE: some of these details are obtained from third party information.
Affected products
2- cpe:2.3:a:i-escorts:i-escorts_agency_script:*:*:*:*:*:*:*:*
- cpe:2.3:a:i-escorts:i-escorts_directory_script:*:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.