CVE-2010-1092

Опубликовано: 24 мар. 2010

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow remote attackers to execute arbitrary SQL commands via the (1) us and (2) ps parameters.

Ссылки

http://osvdb.org/62626
http://secunia.com/advisories/38771
Vendor Advisory
http://www.exploit-db.com/exploits/11592
Exploit
http://www.securityfocus.com/bid/38470
http://www.vupen.com/english/advisories/2010/0494
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/56570
http://osvdb.org/62626
http://secunia.com/advisories/38771
Vendor Advisory
http://www.exploit-db.com/exploits/11592
Exploit
http://www.securityfocus.com/bid/38470
http://www.vupen.com/english/advisories/2010/0494
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/56570

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:scriptsfeed:business_directory_software:*:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.002

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-9g3p-5mff-vc5c

github

почти 4 года назад