Lucene search

[email protected]CVE-2010-2851

HistoryJul 25, 2010 - 2:04 a.m.

CVE-2010-2851

2010-07-2502:04:13

CWE-89

[email protected]

web.nvd.nist.gov

cve-2010-2851

sql injection

booklibrary

joomla

security vulnerability

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

73.6%

JSON

SQL injection vulnerability in the BookLibrary From Same Author (com_booklibrary) module 1.5 and possibly earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.

Affected configurations

NVD

Node

ordasoftcom_booklibraryMatch1.5

AND

joomlajoomla\!

CPENameOperatorVersion
ordasoft:com_booklibraryordasoft com booklibraryeq1.5

CPE	Name	Operator	Version
ordasoft:com_booklibrary	ordasoft com booklibrary	eq	1.5

References

secunia.com/advisories/40130

secunia.com/secunia_research/2010-83/

www.osvdb.org/65996

www.securityfocus.com/archive/1/512174/100/0/threaded

www.securityfocus.com/bid/41350

www.vupen.com/english/advisories/2010/1707

exchange.xforce.ibmcloud.com/vulnerabilities/60107

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

73.6%

JSON

Related for CVE-2010-2851

cvelist1 nvd1 prion1