Lucene search

[email protected]CVE-2010-5015

HistoryNov 02, 2011 - 9:55 p.m.

CVE-2010-5015

2011-11-0221:55:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2010-5015

sql injection

view_photo.php

2daybiz network community script

alb parameter

nvd

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

37.1%

JSON

SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter.

CPENameOperatorVersion
2daybiz:network_community_script2daybiz network community scripteq*

CPE	Name	Operator	Version
2daybiz:network_community_script	2daybiz network community script	eq	*

References

secunia.com/advisories/40247

securityreason.com/securityalert/8511

www.packetstormsecurity.com/1006-exploits/2daybiz-sqlxss.txt

www.securityfocus.com/bid/40913

exchange.xforce.ibmcloud.com/vulnerabilities/59496

9.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

37.1%

JSON

Related for CVE-2010-5015

prion1 cvelist1