Lucene search

[email protected]CVE-2010-1344

HistoryApr 09, 2010 - 6:30 p.m.

CVE-2010-1344

2010-04-0918:30:00

CWE-89

[email protected]

web.nvd.nist.gov

cve

2010

1344

sql injection

cookex agency

ckforms

joomla

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.5%

JSON

SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php.

Affected configurations

NVD

Node

cookexcom_ckformsMatch1.3.3

AND

joomlajoomla\!

CPENameOperatorVersion
cookex:com_ckformscookex com ckformseq1.3.3

CPE	Name	Operator	Version
cookex:com_ckforms	cookex com ckforms	eq	1.3.3

References

packetstormsecurity.org/1003-exploits/joomlackforms-lfisql.txt

secunia.com/advisories/38976

www.exploit-db.com/exploits/11785

www.osvdb.org/63032

www.securityfocus.com/bid/38785

exchange.xforce.ibmcloud.com/vulnerabilities/56988

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.5%

JSON

Related for CVE-2010-1344

nvd1 cvelist1 prion1 checkpoint_advisories1