Lucene search

MitreCVE-2010-4752

HistoryMar 01, 2011 - 10:00 p.m.

CVE-2010-4752

2011-03-0122:00:01

CWE-89

mitre

web.nvd.nist.gov

cve-2010-4752

sql injection

lightneasy

vulnerability

remote attackers

magic_quotes_gpc

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

Low

EPSS

0.01

Percentile

83.5%

JSON

SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter, a different vector than CVE-2008-6593, CVE-2010-3484, and CVE-2010-3485. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

lightneasylightneasyMatch3.2.1

VendorProductVersionCPE
lightneasylightneasy3.2.1cpe:2.3:a:lightneasy:lightneasy:3.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
lightneasy	lightneasy	3.2.1	cpe:2.3:a:lightneasy:lightneasy:3.2.1:::::::*

References

secunia.com/advisories/42391

www.lightneasy.org/punbb/viewtopic.php?id=1207

www.securityfocus.com/bid/45230

exchange.xforce.ibmcloud.com/vulnerabilities/63722

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

Low

EPSS

0.01

Percentile

83.5%

JSON

Related for CVE-2010-4752