cpe:/a:kimwebsites:kim_websites:1.0 CVE-2009-1026 2009-03-19T20:30:00.627-04:00 2017-09-28T21:34:07.623-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-03-20T09:11:00.000-04:00 BID 34116 EXPLOIT-DB 8209 VUPEN ADV-2009-0732 XF kimwebsites-login-sql-injection(49259) Multiple SQL injection vulnerabilities in login.php in Kim Websites 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.