Lucene search

CVE-2015-10086

🗓️ 28 Feb 2023 00:09:15Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 43 Views🌐 WEB

Vulnerability in OpenCycleCompass server-php allows remote attackers to execute SQL injection via the user argument in the api1/login.php fil

Reporter	Title	Published	Views	Family All 4
Cvelist	CVE-2015-10086 OpenCycleCompass server-php login.php sql injection	28 Feb 202300:00	–	cvelist
Prion	Sql injection	28 Feb 202300:15	–	prion
RedhatCVE	CVE-2015-10086	5 Feb 202513:11	–	redhatcve
NVD	CVE-2015-10086	28 Feb 202300:15	–	nvd

Nvd

Node

server-php_project server-phpRange<2015-02-03

[
  {
    "vendor": "OpenCycleCompass",
    "product": "server-php",
    "versions": [
      {
        "version": "n/a",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/OpenCycleCompass/server-php/commit/fa0d9bcf81c711a88172ad0d37a842f029ac3782
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

Parameter	Position	Path	Description	CWE
user	query param	api1/login.php	SQL injection vulnerability in the user parameter of the login endpoint.	CWE-89

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Feb 2023 00:15Current

9High risk

Vulners AI Score9

CVSS27.5

CVSS37.3 - 9.8

EPSS0.00176

CWE-89