Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-4851
HistorySep 27, 2011 - 10:55 a.m.

CVE-2010-4851

2011-09-2710:55:05
CWE-89
[email protected]
web.nvd.nist.gov
23
sql injection
eclime
security vulnerability
remote attack
nvd
cve-2010-4851

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.2%

JSON

Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote attackers to execute arbitrary SQL commands via the (1) ref or (2) poll_id parameter to index.php, or the (3) country parameter to create_account.php.

Affected configurations

NVD
Node
eclimeeclimeMatch1.1.2b
CPENameOperatorVersion
eclime:eclimeeclimeeq1.1.2b

Related

nessus 1
prion 1
cvelist 1
nvd 1
openvas 2
htbridge 1
nessus
nessus
eclime index.php ref Parameter SQL Injection
2010-12-13 00:00:00
prion
prion
Sql injection
2011-09-27 10:55:00
cvelist
cvelist
CVE-2010-4851
2011-09-27 10:00:00
nvd
nvd
CVE-2010-4851
2011-09-27 10:55:05
openvas
openvas
Eclime Multiple SQL Injection and Cross-site Scripting Vulnerabilities
2011-10-20 00:00:00
Eclime Multiple SQL Injection and Cross-site Scripting Vulnerabilities
2011-10-20 00:00:00
htbridge
htbridge
Multiple Vulnerabilities in Eclime
2010-11-16 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.2%

JSON
Related for CVE-2010-4851
nessus1prion1cvelist1nvd1openvas2htbridge1