cpe:/a:fanupdate:fanupdate:2.2.1 CVE-2009-3308 2009-09-23T08:08:35.110-04:00 2017-09-18T21:29:33.093-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-09-23T08:49:00.000-04:00 SECUNIA 36795 EXPLOIT-DB 9719 VUPEN ADV-2009-2703 SQL injection vulnerability in show-cat.php in FanUpdate 2.2.1 allows remote attackers to execute arbitrary SQL commands via the listingid parameter.