Lucene search

[email protected]CVE-2010-1331

HistoryApr 09, 2010 - 5:30 p.m.

CVE-2010-1331

2010-04-0917:30:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2010-1331

nvd

heartlogic

hl-sitemanager

sql injection

remote attackers

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.1%

JSON

SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Affected configurations

NVD

Node

heartlogichl-sitemanagerMatch0.50

heartlogichl-sitemanagerMatch0.70

heartlogichl-sitemanagerMatch0.71

heartlogichl-sitemanagerMatch1.00

CPENameOperatorVersion
heartlogic:hl-sitemanagerheartlogic hl-sitemanagereq0.50
heartlogic:hl-sitemanagerheartlogic hl-sitemanagereq0.70
heartlogic:hl-sitemanagerheartlogic hl-sitemanagereq0.71
heartlogic:hl-sitemanagerheartlogic hl-sitemanagereq1.00

CPE	Name	Operator	Version
heartlogic:hl-sitemanager	heartlogic hl-sitemanager	eq	0.50
heartlogic:hl-sitemanager	heartlogic hl-sitemanager	eq	0.70
heartlogic:hl-sitemanager	heartlogic hl-sitemanager	eq	0.71
heartlogic:hl-sitemanager	heartlogic hl-sitemanager	eq	1.00

References

jvn.jp/en/jp/JVN60969543/index.html

jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000010.html

www.heartlogic.jp/docs/free_cgi/hl-sitemanager.html

exchange.xforce.ibmcloud.com/vulnerabilities/57495

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.1%

JSON

Related for CVE-2010-1331

nvd1 cvelist1 jvn1 prion1