cpe:/a:anoldman:utopic:1.0 CVE-2009-1661 2009-05-18T08:00:01.877-04:00 2017-09-28T21:34:29.950-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-05-18T10:58:00.000-04:00 BUGTRAQ 20090511 (POST var 'rating') BLIND SQL INJECTION--microTopic v1 Initial Release--> BID 34907 SECUNIA 35051 EXPLOIT-DB 8655 VUPEN ADV-2009-1288 CONFIRM http://sourceforge.net/project/shownotes.php?group_id=261386&release_id=680474 XF microtopic-rating-sql-injection(50428) SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php.