Lucene search

[email protected]CVE-2010-4273

HistoryNov 17, 2010 - 1:00 a.m.

CVE-2010-4273

2010-11-1701:00:05

CWE-89

[email protected]

web.nvd.nist.gov

cve-2010-4273

sql injection

imoveis.php

descargarvista acc imoveis 1.1

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

28.0%

JSON

SQL injection vulnerability in imoveis.php in DescargarVista ACC IMoveis 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected configurations

NVD

Node

accimoveisdescargarvista_acc_imoveisMatch1.1

CPENameOperatorVersion
accimoveis:descargarvista_acc_imoveisaccimoveis descargarvista acc imoveiseq1.1

CPE	Name	Operator	Version
accimoveis:descargarvista_acc_imoveis	accimoveis descargarvista acc imoveis	eq	1.1

References

packetstormsecurity.org/1010-exploits/accimoveis-sql.txt

www.exploit-db.com/exploits/15338

www.securityfocus.com/bid/44481

exchange.xforce.ibmcloud.com/vulnerabilities/62843

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

28.0%

JSON

Related for CVE-2010-4273

cvelist1 nvd1 prion1