CVE-2010-0458

Sažetak

Multiple SQL injection vulnerabilities in NetArt Media Blog System 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to index.php and the (2) note parameter to blog.php.

Reference

http://packetstormsecurity.org/0512-exploits/blog12SQL.txt
http://www.exploit-db.com/exploits/11216
http://www.securityfocus.com/bid/37911
https://exchange.xforce.ibmcloud.com/vulnerabilities/55818
https://exchange.xforce.ibmcloud.com/vulnerabilities/55862

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

17-08-2017 - 01:32

Objavljeno

28-01-2010 - 20:30