CVE-2010-0964

2010-03-1618:26:00

mitre

www.cve.org

8.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.3%

JSON

SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action.

References

4004securityproject.wordpress.com/2010/03/11/eros-erotik-webkatalog-start-php-rubrikidsql-injection/

osvdb.org/62902

packetstormsecurity.org/1003-exploits/eroserotikwebkat-sql.txt

secunia.com/advisories/38900

www.exploit-db.com/exploits/11689

exchange.xforce.ibmcloud.com/vulnerabilities/56851