Lucene search
HistoryOct 03, 2022 - 4:21 p.m.
CVE-2010-2317
cve-2010-2317
sql injection
wmscms 2.0
security vulnerability
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.8 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
56.3%
Multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) search, (2) sbr, (3) pid, (4) sbl, and (5) FilePath parameters to default.asp; and the (6) sbr, (7) pr, and (8) psPrice parameters to printpage.asp.
Affected configurations
Node
wmsdesignwmscmsRange≤2.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| wmsdesign:wmscms | wmsdesign wmscms | le | 2.0 |
Related
cvelist
cvelist
CVE-2010-2317
2022-10-03 16:21:09
nvd
nvd
CVE-2010-2317
2010-06-17 16:30:02
prion
prion
Sql injection
2010-06-17 16:30:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.8 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
56.3%
Related for CVE-2010-2317