cpe:/a:karl_core:bandsite_cms:1.1.4 CVE-2009-4792 2010-04-22T10:30:00.540-04:00 2017-09-18T21:30:04.437-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2010-04-23T09:02:00.000-04:00 SECUNIA 21992 BID 34292 EXPLOIT-DB 8309 SQL injection vulnerability in includes/content/member_content.php in BandSite CMS 1.1.4 allows remote attackers to execute arbitrary SQL commands via the memid parameter to members.php.