Lucene search
MitreCVE-2010-3482HistorySep 22, 2010 - 8:00 p.m.
CVE-2010-3482
2010-09-2220:00:10
CWE-89
mitre
web.nvd.nist.gov
19
cve-2010-3482
sql injection
primitive cms 1.0.9
authenticated administrators
arbitrary sql commands
cve-2010-3483.
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.013
Percentile
85.8%
Multiple SQL injection vulnerabilities in cms_write.php in Primitive CMS 1.0.9 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) title and (2) menutitle parameters. NOTE: this can be leveraged with CVE-2010-3483 to conduct attacks without authentication.
Affected configurations
Node
bouzousteprimitive_cmsMatch1.0.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bouzouste | primitive_cms | 1.0.9 | cpe:2.3:a:bouzouste:primitive_cms:1.0.9:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
primitive CMS 1.0.9 - Multiple Vulnerabilities
2010-09-20 00:00:00
prion
prion
Sql injection
2010-09-22 20:00:00
Cross site scripting
2010-09-22 20:00:00
cvelist
cvelist
CVE-2010-3482
2010-09-22 19:00:00
CVE-2010-3483
2010-09-22 19:00:00
nvd
nvd
CVE-2010-3482
2010-09-22 20:00:10
CVE-2010-3483
2010-09-22 20:00:10
cve
cve
CVE-2010-3483
2010-09-22 20:00:10
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.013
Percentile
85.8%
Related for CVE-2010-3482