Lucene search

[email protected]CVE-2010-4696

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-4696

2022-10-0316:21:06

CWE-89

[email protected]

web.nvd.nist.gov

cve

2010

4696

sql injection

joomla

remote attackers

arbitrary commands

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

Low

0.028 Low

EPSS

Percentile

90.7%

JSON

Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_contact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

joomlajoomla\!Match1.5.0

joomlajoomla\!Match1.5.1

joomlajoomla\!Match1.5.2

joomlajoomla\!Match1.5.3

joomlajoomla\!Match1.5.4

joomlajoomla\!Match1.5.5

joomlajoomla\!Match1.5.6

joomlajoomla\!Match1.5.7

joomlajoomla\!Match1.5.8

joomlajoomla\!Match1.5.9

joomlajoomla\!Match1.5.10

joomlajoomla\!Match1.5.11

joomlajoomla\!Match1.5.12

joomlajoomla\!Match1.5.13

joomlajoomla\!Match1.5.14

joomlajoomla\!Match1.5.15

joomlajoomla\!Match1.5.15rc

joomlajoomla\!Match1.5.16

joomlajoomla\!Match1.5.17

joomlajoomla\!Match1.5.18

joomlajoomla\!Match1.5.19

joomlajoomla\!Match1.5.20

joomlajoomla\!Match1.5.21

CPENameOperatorVersion
joomla:joomla\!joomla joomla!eq1.5.0
joomla:joomla\!joomla joomla!eq1.5.1
joomla:joomla\!joomla joomla!eq1.5.2
joomla:joomla\!joomla joomla!eq1.5.3
joomla:joomla\!joomla joomla!eq1.5.4
joomla:joomla\!joomla joomla!eq1.5.5
joomla:joomla\!joomla joomla!eq1.5.6
joomla:joomla\!joomla joomla!eq1.5.7
joomla:joomla\!joomla joomla!eq1.5.8
joomla:joomla\!joomla joomla!eq1.5.9

CPE	Name	Operator	Version
joomla:joomla\!	joomla joomla!	eq	1.5.0
joomla:joomla\!	joomla joomla!	eq	1.5.1
joomla:joomla\!	joomla joomla!	eq	1.5.2
joomla:joomla\!	joomla joomla!	eq	1.5.3
joomla:joomla\!	joomla joomla!	eq	1.5.4
joomla:joomla\!	joomla joomla!	eq	1.5.5
joomla:joomla\!	joomla joomla!	eq	1.5.6
joomla:joomla\!	joomla joomla!	eq	1.5.7
joomla:joomla\!	joomla joomla!	eq	1.5.8
joomla:joomla\!	joomla joomla!	eq	1.5.9

Rows per page:

1-10 of 221

References

developer.joomla.org/security/news/9-security/10-core-security/323-20101101-core-sqli-info-disclosurevulnerabilities.html

openwall.com/lists/oss-security/2010/11/12/5

openwall.com/lists/oss-security/2010/11/12/6

secunia.com/advisories/42133

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

Low

0.028 Low

EPSS

Percentile

90.7%

JSON

Related for CVE-2010-4696

nvd2 cvelist2 prion2 openvas2 cve1