Lucene search

[email protected]CVE-2010-0461

HistoryJan 28, 2010 - 8:30 p.m.

CVE-2010-0461

2010-01-2820:30:01

CWE-89

[email protected]

web.nvd.nist.gov

cve-2010-0461

sql injection

com_casino

joomla

vulnerability

remote attackers

nvd

8.7 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

32.1%

JSON

SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) category or (2) player action to index.php.

Affected configurations

NVD

Node

joomlacom_casinoMatch1.0

AND

joomlajoomla

CPENameOperatorVersion
joomla:com_casinojoomla com casinoeq1.0

CPE	Name	Operator	Version
joomla:com_casino	joomla com casino	eq	1.0

References

packetstormsecurity.org/1001-exploits/joomlacasino1-sql.txt

www.exploit-db.com/exploits/11237

www.securityfocus.com/bid/37938

exchange.xforce.ibmcloud.com/vulnerabilities/55846

8.7 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

32.1%

JSON

Related for CVE-2010-0461

cvelist1 nvd1 prion1