exploitDog

CVE-2010-4362

Опубликовано: 01 дек. 2010

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in MicroNetsoft RV Dealer Website allow remote attackers to execute arbitrary SQL commands via the (1) selStock parameter to search.asp and the (2) orderBy parameter to showAlllistings.asp.

Ссылки

http://secunia.com/advisories/41319
Vendor Advisory
http://www.exploit-db.com/exploits/15629
Exploit
http://www.securityfocus.com/bid/45089
http://secunia.com/advisories/41319
Vendor Advisory
http://www.exploit-db.com/exploits/15629
Exploit
http://www.securityfocus.com/bid/45089

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:micronetsoft:rv_dealer_website:*:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00265

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-2pmv-p43r-3vvm

github

больше 3 лет назад

Multiple SQL injection vulnerabilities in MicroNetsoft RV Dealer Website allow remote attackers to execute arbitrary SQL commands via the (1) selStock parameter to search.asp and the (2) orderBy parameter to showAlllistings.asp.

EPSS

Процентиль: 50%

0.00265

Низкий

7.5 High

CVSS2

Дефекты

CWE-89