CVE-2009-3052

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
03/09/2009
Last modified:
09/04/2025

Description

SQL injection vulnerability in root/includes/prime_quick_style.php in the Prime Quick Style addon before 1.2.3 for phpBB 3 allows remote authenticated users to execute arbitrary SQL commands via the prime_quick_style parameter to ucp.php.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:phpbb:phpbb:3.0:*:*:*:*:*:*:*
cpe:2.3:a:absoluteanime:prime_quick_style:1.2.3:*:*:*:*:*:*:*