CVE-2010-1046

Опубликовано: 23 мар. 2010

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters.

Ссылки

http://osvdb.org/62162
http://secunia.com/advisories/38440
Vendor Advisory
http://www.exploit-db.com/exploits/11356
Exploit
http://www.vupen.com/english/advisories/2010/0318
Vendor Advisory
http://osvdb.org/62162
http://secunia.com/advisories/38440
Vendor Advisory
http://www.exploit-db.com/exploits/11356
Exploit
http://www.vupen.com/english/advisories/2010/0318
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ryan_marshall:rostermain:*:*:*:*:*:*:*:*

Версия до 1.1 (включая)

EPSS

Процентиль: 62%

0.00423

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-p882-hh8r-7pqc

github

почти 4 года назад