cpe:/a:2fly:gift_delivery_system:6.0 CVE-2009-2915 2009-08-21T07:30:00.217-04:00 2009-08-21T00:00:00.000-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-08-21T09:54:00.000-04:00 SECUNIA 36294 MISC http://packetstormsecurity.org/0908-exploits/discuz60-sql.txt SQL injection vulnerability in 2fly_gift.php in 2FLY Gift Delivery System 6.0 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a content action.