CVE-2010-0469

Опубликовано: 02 фев. 2010

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in Files2Links F2L 3000 appliance 4.0.0, and possibly other versions and models, allows remote attackers to execute arbitrary SQL commands via unspecified parameters to the login page.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0499.html
http://osvdb.org/61976
http://packetstormsecurity.org/1001-advisories/DDIVRT-2009-27.txt
Exploit
http://secunia.com/advisories/38310
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/55950
http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0499.html
http://osvdb.org/61976
http://packetstormsecurity.org/1001-advisories/DDIVRT-2009-27.txt
Exploit
http://secunia.com/advisories/38310
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/55950

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:files2links:f2l_3000_appliance:4.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00465

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-xrp6-5g58-699g

github

почти 4 года назад