Search...

CVE-2010-4505

2010-12-08T15:00:04

ID CVE-2010-4505
Type cve
Reporter NVD
Modified 2010-12-09T00:00:00

Description

Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) un and (2) pw parameters.

JSON Vulners Source

Initial Source

{"modified": "2010-12-09T00:00:00", "id": "CVE-2010-4505", "edition": 1, "objectVersion": "1.2", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4505", "cvelist": ["CVE-2010-4505"], "references": ["http://www.johnleitch.net/Vulnerabilities/Injader.2.4.4.SQL.Injection/69"], "bulletinFamily": "NVD", "lastseen": "2016-09-03T14:37:09", "title": "CVE-2010-4505", "published": "2010-12-08T15:00:04", "viewCount": 0, "type": "cve", "cpe": ["cpe:/a:injader:injader:2.4.4"], "description": "Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) un and (2) pw parameters.", "hash": "3c3400f2cb81ef892d6d87ba29b0b95ed7db90993719db08e80fdbdd93dce3cc", "reporter": "NVD", "scanner": [], "assessment": {"system": "", "name": "", "href": ""}, "enchantments": {"vulnersScore": 7.5}}