cpe:/a:creloaded:cre_loaded:6.2 CVE-2009-1403 2009-04-24T10:30:00.280-04:00 2017-09-28T21:34:21.920-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-04-24T11:04:00.000-04:00 BID 34640 EXPLOIT-DB 8501 XF creloaded-productinfo-sql-injection(49987) SQL injection vulnerability in product_info.php in CRE Loaded 6.2 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.