Lucene search

[email protected]CVE-2010-4166

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-4166

2022-10-0316:21:03

CWE-89

[email protected]

web.nvd.nist.gov

cve

2010

4166

joomla

sql injection

vulnerability

remote attackers

arbitrary sql commands

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.028 Low

EPSS

Percentile

90.7%

JSON

Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filter_order parameter in a com_weblinks category action to index.php, (2) the filter_order_Dir parameter in a com_weblinks category action to index.php, or (3) the filter_order_Dir parameter in a com_messages action to administrator/index.php.

Affected configurations

NVD

Node

joomlajoomla\!Match1.5.0

joomlajoomla\!Match1.5.1

joomlajoomla\!Match1.5.2

joomlajoomla\!Match1.5.3

joomlajoomla\!Match1.5.4

joomlajoomla\!Match1.5.5

joomlajoomla\!Match1.5.6

joomlajoomla\!Match1.5.7

joomlajoomla\!Match1.5.8

joomlajoomla\!Match1.5.9

joomlajoomla\!Match1.5.10

joomlajoomla\!Match1.5.11

joomlajoomla\!Match1.5.12

joomlajoomla\!Match1.5.13

joomlajoomla\!Match1.5.14

joomlajoomla\!Match1.5.15

joomlajoomla\!Match1.5.15rc

joomlajoomla\!Match1.5.16

joomlajoomla\!Match1.5.17

joomlajoomla\!Match1.5.18

joomlajoomla\!Match1.5.19

joomlajoomla\!Match1.5.20

joomlajoomla\!Match1.5.21

CPENameOperatorVersion
joomla:joomla\!joomla joomla!eq1.5.0
joomla:joomla\!joomla joomla!eq1.5.1
joomla:joomla\!joomla joomla!eq1.5.2
joomla:joomla\!joomla joomla!eq1.5.3
joomla:joomla\!joomla joomla!eq1.5.4
joomla:joomla\!joomla joomla!eq1.5.5
joomla:joomla\!joomla joomla!eq1.5.6
joomla:joomla\!joomla joomla!eq1.5.7
joomla:joomla\!joomla joomla!eq1.5.8
joomla:joomla\!joomla joomla!eq1.5.9

CPE	Name	Operator	Version
joomla:joomla\!	joomla joomla!	eq	1.5.0
joomla:joomla\!	joomla joomla!	eq	1.5.1
joomla:joomla\!	joomla joomla!	eq	1.5.2
joomla:joomla\!	joomla joomla!	eq	1.5.3
joomla:joomla\!	joomla joomla!	eq	1.5.4
joomla:joomla\!	joomla joomla!	eq	1.5.5
joomla:joomla\!	joomla joomla!	eq	1.5.6
joomla:joomla\!	joomla joomla!	eq	1.5.7
joomla:joomla\!	joomla joomla!	eq	1.5.8
joomla:joomla\!	joomla joomla!	eq	1.5.9

Rows per page:

1-10 of 221

References

archives.neohapsis.com/archives/fulldisclosure/2010-10/0514.html

developer.joomla.org/security/news/9-security/10-core-security/323-20101101-core-sqli-info-disclosurevulnerabilities.html

openwall.com/lists/oss-security/2010/11/12/5

openwall.com/lists/oss-security/2010/11/12/6

secunia.com/advisories/42133

yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order%29_front.jpg

yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_back.jpg

yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_front.jpg

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.028 Low

EPSS

Percentile

90.7%

JSON

Related for CVE-2010-4166

prion2 cvelist2 nvd2 openvas2 cve1