Lucene search

[email protected]CVE-2010-0673

HistoryFeb 22, 2010 - 8:30 p.m.

CVE-2010-0673

2010-02-2220:30:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2010-0673

sql injection

cplphoto.php

copperleaf photolog

wordpress

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.9 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

37.7%

JSON

SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter.

Affected configurations

NVD

Node

copperleafphotologMatch0.16

AND

wordpresswordpress

CPENameOperatorVersion
copperleaf:photologcopperleaf photologeq0.16

CPE	Name	Operator	Version
copperleaf:photolog	copperleaf photolog	eq	0.16

References

osvdb.org/62346

packetstormsecurity.org/1002-exploits/wpcopperleaf-sql.txt

secunia.com/advisories/38579

www.exploit-db.com/exploits/11458

www.securityfocus.com/bid/38239

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.9 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

37.7%

JSON

Related for CVE-2010-0673

cvelist1 nvd1 prion1 patchstack1 wpvulndb1